Microsoft has come out in support of a US bill that would limit the extraterritorial reach of search warrants, an issue at the center of an ongoing legal battle with the US Department of Justice. In that case, the DOJ is seeking to force Microsoft to hand over personal email data for a non-US citizen that is stored in a non-US data center. Microsoft has refused, noting that the United States must respect the sovereignty of other countries.
“The bipartisan introduction of the Law Enforcement Access to Data Stored Abroad (LEADS) Act of 2015 is an important step to reform our outdated privacy laws,” Microsoft general counsel and executive vice president Brad Smith writes in the Microsoft on the Issues blog. “We commend the sponsors–Senators Hatch, Coons and Heller–for introducing this critical legislation in the United States Senate.”
The LEADS Act would “safeguard data stored abroad from improper government access” and is considered a more modern update to the Electronic Privacy Act (ECPA) of 30 years ago. As with the ECPA, LEADS aims to balance the legitimate needs of law enforcement with personal privacy, but updated for the modern age and explicitly addressing issues of national sovereignty. (Congress intended for ECPA to apply only domestically.)
“It has been well established that courts in the United States lack the power to issue warrants authorizing extraterritorial searches and seizures, and neither ECPA nor subsequent amendments extended the warrant power of courts in the United States beyond the territorial reach of the United States,” the bill notes. “Nevertheless, Congress also recognizes the legitimate needs of law enforcement agencies … Therefore, this Act authorizes the use of search warrants extraterritorially only where the Government seeks to obtain the contents of electronic communications belonging to a United States person.”
Microsoft fully supports this bill, and Mr. Smith says that LEADS is “a real solution to a real problem” and offers “common sense reforms.”
But that’s no surprise: Microsoft has been battle the DOJ since December 2013, when the federal agency demanded that the software giant turn over information held in an individual’s email account. Microsoft refused, noting that the search warrant was unlawful because the individual was not a US citizen and the information was stored in an Ireland data center, and thus beyond the legal reach of US search warrants.
In a strange bit of back and forth, a federal court eventually ruled that Microsoft would indeed need to turn over the information because the government request was a “hybrid”—part search warrant, part subpoena—that didn’t require government officials to physical enter the location where the information was stored. Microsoft again refused and is appealing that ruling.
More generally, Microsoft has been a major proponent of transparency in governmental requests for information, and as with other firms like Google, it has fought to expand its ability to communicate what the government is asking for, as well as why and when. Here, too, there is a debate concerns the balance between the legitimate needs of law enforcement—which is often seeking information about terrorists and other criminals—and the privacy rights of individuals.
“We’re joining a broad coalition of companies and associations in the technology, telecommunications, manufacturing and cloud computing sectors to advocate for passage of the LEADS Act,” Mr. Smith writes. “Passage of the LEADS Act would be a very important step, but there is more to do to ensure that 2015 becomes a year for solutions that promote personal privacy and protect public safety … It’s clear that 2015 needs to be a year for solutions.”