In the latest twist on Privacy/Cybersecurity, Microsoft just won a controversial judgement from a Federal Appealate Court (2nd Circuit) this past Tuesday. The Court confirmed Microsoft’s right to refuse to provide data stored on an overseas server (Ireland).
In December 2013 Microsoft received a warrant requesting emails from a suspected drug trafficker. Microsoft did comply with the request with data that was stored on U.S. soil, but denied providing access to the foreign data. At the center of the storm was the 1986 Store Communications Act (SCA). Title 18, Chapter 121 of Code 2702 (a)(3) states,
a provider of remote computing service or electronic communication service to the public shall not knowingly divulge a record or other information pertaining to a subscriber to or customer of such service (not including the contents of communications covered by paragraph (1) or (2)) to any governmental entity.
Dissenting Judge Dennis Jacob wrote, if the recipient of a legal warrant “can access a thing here, then it can be delivered here” and it should not matter where the “ones and zeroes” are located in cyber space, Jacobs reasoned. “Where in my DVR are the images and voices?”
Don’t confuse this case with the Apple case from last year (San Bernadino terrorist) where Apple denied granting law authorities access to an iPhone. In that case the data was stored on U.S. soil and there was a lawful court order. Tim Cook simply viewed this as a PR opportunity – and we may all pay the price for that.
Title 18, Chapter 121, Code 2700 can be revised to read the local country’s courts must agree to release the data to the U.S. before it can be used in a U.S. court. In that case a foreign court order should tie up the loose ends. In lieu of that the Microsoft case has huge implications. Corporations that store emails, text, pictures, etc can find a country that has few privacy protection laws and plant their servers there. That way they can deny a court order requesting electronic data from large tax-avoiding corporations, money launderers, terrorists, drug dealers, murderers, or other scourge of society – all the while claiming to their customers and the world that their data is the most secure and private.
SO while it appears that for the near future data stored on overseas servers is safe, you can rest assured that BlackBerry will continue to comply with lawful court orders for whatever data they have access to.
Ethics AND Security – once again BlackBerry paves the way!