Today, Sep 9 2015, is an historic day. Microsoft, buoyed by the briefs of some 94 amici curiae including Apple and Amazon, the ACLU and NPR, CNN and Fox News, is before a three-judge panel (Judges Lynch, Carney, and Bolden) at the Federal Court of Appeals for the Second Circuit in New York. The result of today’s oral arguments, and the subsequent decision of the panel, would have far-reaching consequences as to data privacy, Cloud computing, foreign relations law and the extraterritoriality of search warrants.
Just over a year ago, on Sep 8 2014, the District Court held Microsoft in contempt for failure to comply with a warrant compelling Microsoft to search for and turn over copies of a customer’s private emails. Specifically, the warrant was issued under § 2703(a) of the Electronic Communications Privacy Act. Microsoft justified its refusal by asserting that i) the requested emails were stored on a computer server in Ireland; and ii) a § 2703(a) warrant does not have extraterritorial reach.
Microsoft contends that the warrant is domestic-only because:
- Statutes are presumed not to apply abroad unless Congress explicitly states otherwise, and the ECPA does not explicitly grant extraterritorial search and seizure powers;
- A warrant is understood to be a domestic law enforcement tool;
- The rule that governs subpoenas, i.e., that documents should be produced on control, not location, is inapplicable here because ECPA § 2703 distinguishes between a warrant and a subpoena, and § 2703(a) exclusively refers to warrants.
As such, Microsoft argues that the appropriate pathway for the government to request extraterritorial data is through the United States-Ireland Mutual Legal Assistance Treaty (“MLAT”), and not through a § 2703(a) warrant.
Microsoft also highlights the policy concerns of permitting unilateral seizures of private data located abroad. “If the United States asserts unilateral authority to seize private email correspondence on foreign soil, other countries will claim the same unilateral authority to seize the private emails of U.S. citizens on U.S. soil.”
On the other hand, the government asserts, inter alia, that:
- The plain text and statutory structure of the ECPA makes clear that court-ordered warrants have the power to require the disclosure of records;
- Compelled disclosure reaches records stored abroad so long as there is personal jurisdiction over the custodian and the custodian has control over the records;
- Courts are “empowered to consider competing national interests when ordering the disclosure of materials located in foreign countries,” and “the powerful interest of the government in enforcing criminal law outweighs the foreign prohibition”;
- Congressional silence on the extraterritoriality of the ECPA is to be interpreted as a presumption for extraterritoriality, because when the ECPA was enacted “it was a settled point of law that compulsory process could reach records stored overseas . . . ”;
- The warrant can compel production even of private data not owned by Microsoft;
- Compliance with the warrant would not be an affront to international norms, wherein a sovereign has the authority to order an entity within its jurisdiction to repatriate records;
- Neither would there be a violation of Irish or European law by Microsoft’s compliance with the warrant.
With respect to the policy concerns, the government challenges that Microsoft’s reading would undermine the ECPA’s comprehensive disclosure scheme, severely impair the investigation and prosecution of criminals, and do nothing to advance the privacy interests of email users. The government contends that is not necessary to use an MLAT to obtain evidence located in a foreign country when other lawful means of obtaining the evidence are available; that the unavailability of MLATs with all countries would hamstring U.S. criminal prosecution efforts if jurisdiction is restricted only to those countries with which the U.S. has MLATs; that the transitory nature of Cloud data makes MLATs unsuitable as an evidence-gathering tool; and that MLAT requests take months to process and years to complete.
In this classic case of tech industry versus government, who will you be cheering on today?
———————————————————————————————————————————-
Magnus Gan is an editor on the Michigan Telecommunications and Technology Law review, and a member of the University Michigan Law School class of 2017.