Call Us : 951 203 877 / 664 604 920


Microsoft must release overseas data

A judge in the US has ordered Microsoft to hand over a customer's emails, even though the data is held on a server in Ireland.

Microsoft has previously taken steps to reassure customers that data held on servers abroad should not be subject to search warrants by US authorities.

It follows concerns about data privacy after allegations of US spying by whistleblower Edward Snowden.

The judge said warrants for online data were different to other warrants.

The search warrant, which was issued to Microsoft by US authorities, sought information associated with a customer's email account including the customer's name, credit card details and contents of all messages.

Microsoft said that the account was hosted on a server in Dublin and therefore the search warrant was not valid as the data was outside of the US.

'Government disagrees'

Judge James Francis in New York said that this was true for "traditional" warrants but not for those seeking online content, which are governed by federal law under the Stored Communications Act.

He said the warrant should be treated more like a subpoeana for documents. Anyone issued with a subpoena by the US must provide the information sought, no matter where it was held, he said.

Law enforcement efforts would be seriously impeded and the burden on the government would be substantial if they had to co-ordinate with foreign governments to obtain this sort of information from internet service providers such as Microsoft and Google, Judge Francis said.

In a statement to Reuters, Microsoft said: "A US prosecutor cannot obtain a US warrant to search someone's home located in another country, just as another country's prosecutor cannot obtain a court order in her home country to conduct a search in the United States.

"We think the same rules should apply in the online world, but the government disagrees."

Microsoft logo Microsoft are hoping for a review of the decision to hand over a customer's data

A new data-protection law, currently being drafted by the European Union, aims to make sure companies no longer share European citizen's data with authorities of another country, unless explicitly allowed by EU law or an international treaty.

In response to the ruling in the US, Mina Andreeva, European Commission spokeswoman for justice, fundamental rights and citizenship, told the BBC: "The commission's position is that this data should not be directly accessed by or transferred to US law enforcement authorities outside formal channels of co-operation, such as the mutual legal assistance agreements or sectoral EU-US agreements authorising such transfers.

"Access by other means should be excluded, unless it takes place in clearly defined, exceptional and judicially reviewable situations."

Ms Andreeva also said that "the European Parliament reinforced the principle that companies operating on the European market need to respect the European data protection rules - even if they are located in the US."

Earlier this year German Chancellor Angela Merkel proposed building up a European communications network to help improve data protection and avoid emails and other data automatically passing through the United States.

Both of these actions were prompted by allegations of mass surveillance by the US National Security Agency.

Microsoft is hoping for a review of the decision from a federal district judge.

Font: bbc