SoylentNews is people
SoylentNews
The Supreme Court announced Monday that it would hear a major digital privacy case that will determine whether law enforcement officials can demand user data stored by technology companies in other countries.
In 2013, federal investigators obtained a warrant for emails and identifying information tied to a Microsoft Outlook account they believed was being used to organize drug trafficking. The problem was that the emails were stored overseas in Ireland, where the anonymous user of the account registered as a resident.
...
If the court sides with the Department of Justice lawyers in this new case, the government will have unfettered access to the data tech companies store all over the world, provided it has a warrant. During the appeals court case, Microsoft's lawyers argued that the US is essentially trying to say that its laws extend across borders.
A superpower can demand all the extraterritoriality it wants.
(Score: 5, Insightful) by ledow on Tuesday October 17 2017, @11:39PM (2 children)
Microsoft (Ireland) is an entirely different company to Microsoft (US). If they weren't the same company, we could tax Microsoft (US) for the money it makes from the EU, for instance.
If you start saying that everyone carrying your name has to provide all their data to the US, you just killed every US company doing business on foreign soil. In same cases, you can't even trade in a country without having a company headquartered in it (so everyone has a local subsidiary in that country, even if it's just an office with a lawyer and an accountant), but that company is ENTIRELY under that country's law (so giving up their data will see you go to jail).
Whether or not the US judge rules either way, NOBODY in Microsoft (Ireland) can legally ALLOW (let alone actually give) their customer's data to leave the EU. You can't sack them for refusing. You can't insist they "let it happen". If they are aware of it (and they would have to be) they are legally obliged to take all technical and legal measures against it happening. Even allowing it to happen through slack security will see them in court. Welcome to proper data-protection.
And, being a separate company, the EU subsidiary can just bin anything from a US court. If it wants to enforce it, it would have to get the EU court to issue such an order (such as is done on a regular basis), and then that data will be subject to EU legal tests - such as whether it's necessary, proportionate, anonymised sufficiently, etc.
The US doesn't own the world. 50% of most of those mega-corporations business is done in the EU. Usually more than any US sales. They can order what they like, like the court could order me to provide him with a free banana because he's hungry. I rip up the out-of-jurisdiction order and carry on with my life. Maybe I can't go to the US. Cool. That's a great business relation, well done.
They've been saying for YEARS that they'd order this, but it's fundamentally incompatible with international and EU law and literally unenforceable. It also would provide a backlash of similar requests and market-actions that would cost the US dear if they pushed the issue via side-channels to steal that data.
If a US judge can order me to give up my data, then I can order the entire US to give up theirs, in a roundabout way. If all I had to do was find the right court to make that happen, it would be anarchy, but no matter what court you use, the request just falls on deaf-ears the other end.
Nobody in the EU is going to break the local law to comply with a request from a jurisdiction they are not subject to. And they can't be made to make that decision. It's made for them, already. They can't be punished for having followed that decision not-to-act either, it would end up in more court cases than you could imagine overnight.
And the EU courts will just keep batting it back saying "file the proper paperwork and you could have had this years ago... that you DON'T want to file the paperwork tells us that we shouldn't be giving you that data".
(Score: 0, Disagree) by Anonymous Coward on Wednesday October 18 2017, @01:26AM (1 child)
We can do whatever we want with Microsoft. We can tax them for Ireland. We can make them hack things in Ireland.
How the Irish react is up to them. What are we going to do, send the Marines? Well, actually we could, but that wouldn't be worthwhile. We could have CIA agents throw a bag over somebody and then sneak them out of the country in a diplomatic pouch or in a mini-submarine. Again, this isn't worthwhile, but we could do it. There are numerous ways to bully Ireland.
So yes, we certainly can tell Microsoft to get the data, and we can punish them if they fail. Perhaps the US employees will all sneak into Canada and claim asylum.
(Score: 0) by Anonymous Coward on Wednesday October 18 2017, @03:15AM
Not as numerous as they once were. It's part of the EU now, and since the Snowden leaks, EU doesn't roll over easily over data protection. Some other things, yes, this one, no.