We welcome and strongly support Microsoft’s successful challenge of a federal criminal search warrant for messages stored on an email server located in Ireland. The decision from the US Second Circuit Court of Appeals supports the protection of data stored in the cloud, and it provides overseas customers of US companies greater confidence that their private communications will not be seized directly from cloud service providers simply because they have a significant presence in the United States.
Microsoft prevailed on the argument that US authorities should have sought the assistance of the government of Ireland via a Mutual Legal Assistance Treaty (MLAT) rather than to demand the data from the company. The Court agreed that a search warrant could not be used to require a third-party provider of email to search a foreign site and bring the contents of its customer’s communications back to the United States. Cisco has supported Microsoft’s view of the case throughout the litigation—as did the government of Ireland.
The ruling reinforces an important principle—data and communications stored in the cloud should receive equivalent protections against unreasonable government search and seizure just like documents stored on premises or in paper files. For this same reason, Cisco has supported changes to the US Electronic Communications Privacy Act (ECPA) that would ensure search warrants are used whenever the US government seeks access to data in the cloud from service providers. Such warrants would then be clearly bounded by the territorial authority of the United States.
Last week’s groundbreaking decision and the approval of the Privacy Shield Agreement between the US and the EU will allow our overseas customers to take advantage of the cost savings, security gains, and innovation boosts that come from access to cloud-based computing while enjoying the safeguards afforded by their own countries’ data protection laws. These developments combine to grow confidence in the privacy and security of communications, something that is critical to the economic contribution of the global internet.
We also recognize the challenges faced by law enforcement confronting transnational crime in a global marketplace. Therefore, we strongly favor developing a modernized framework for national governments to route legal assistance requests in an efficient, coordinated way. For this reason, we applaud the recent introduction of the International Communications Privacy Act in the US House and Senate and look forward to working with the sponsors as these bills advance.