SoylentNews is people
SoylentNews
from the and-if-some-american-ones-slip-in-there-who-will-notice? dept.
A U.S. judge has ordered Google to hand over emails stored outside the country in order to comply with an FBI search warrant. The warrant in question pertains to a domestic fraud probe.
The ruling is notable because it goes against an appeals court judgement last year — recently upheld — pertaining to Microsoft customer data held in servers outside the US. In that instance a federal court ruled the company did not have to hand over data stored on its servers in Ireland to the US government, declining to "disregard the presumption against extraterritoriality," as the judge put it.
However in the Google case, U.S. Magistrate Judge Thomas Rueter ruled on Friday that the act of transferring emails from a foreign server did not qualify as a seizure. According to Reuters, the judge ruled there is no "meaningful interference" with the account holder's "possessory interest", going on to assert that any privacy infringement occurs "at the time of disclosure in the United States", rather than when the data itself is transferred.
Google's legal team had sought to use the Microsoft ruling as precedent to challenge the warrant's scope. The company had turned over data that was stored in the US only. In a statement it said it will be appealing the judgement. "The magistrate in this case departed from precedent, and we plan to appeal the decision. We will continue to push back on overbroad warrants," it said.
Both cases involve warrants issued under a 1986 federal law called the Stored Communications Act, which — as you can imagine, given its date-stamp — has long been described as a "woefully outdated" piece of legislation vs the technology it is now being used to regulate.
Source:
(Score: 1, Insightful) by Anonymous Coward on Wednesday February 08 2017, @04:14PM
This is it -- this is the lesson.
If the government can compel to bring data into an arena where they are legally able to then seize it, there is no difference between it being elsewhere or here. This is merely a method to claim they did not break existing law, because they did not overstep their authority to seize data outside of their jurisdiction.
They merely threatened to punish everyone who didn't deliver it to them. Then when it was delivered, it was delivered to an address in the US and so the seizure is completely fine and legal.
If you do not want to play that game, do not store data on services that have physical real estate in the USA that can host a device to store data on that can be seized.
That is not always easy to do, especially if you use consumer devices and have agreed to the various EULAs and already are quite entrenched in the ecosystems.