Stories
Slash Boxes
Comments

SoylentNews is people

posted by janrinok on Wednesday June 11 2014, @04:24PM   Printer-friendly
from the potential-for-more-damage-to-US-businesses dept.

Microsoft is challenging the authority of federal prosecutors to force the giant technology company to hand over a customer's email stored in a data center in Ireland. Microsoft said that if the judicial order to surrender the email stored abroad is upheld, it "would violate international law and treaties, and reduce the privacy protection of everyone on the planet." The objection is believed to be the first time [PDF] a corporation has challenged a domestic search warrant seeking digital information overseas. The case has attracted the concern of privacy groups and major United States technology companies, which are already under pressure from foreign governments worried that the personal data of their citizens is not adequately protected in the data centers of American companies.

Verizon filed a brief on Tuesday, echoing Microsoft's objections, and more corporations are expected to join. The Electronic Frontier Foundation is working on a brief supporting Microsoft. European officials have expressed alarm.

The Washington Post reports Microsoft, one of the world's largest e-mail providers, is resisting a government search warrant to compel the firm to turn over customer data held in a server located overseas.

The battle, which began in December when a magistrate judge in New York issued the warrant, also raises significant economic and diplomatic issues for U.S. companies that store mounds of data for others as part of the burgeoning cloud computing industry, which has been battered in the wake of revelations about its cooperation with U.S. spy agencies conducting broad surveillance.

This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 2, Insightful) by Anonymous Coward on Wednesday June 11 2014, @04:48PM

    by Anonymous Coward on Wednesday June 11 2014, @04:48PM (#54209)

    I am totally good with making MS hand over the data. Or any other company. If they don't like it, nobody is forcing them to be multinational corporations. As corporate boot-lickers are fond of saying - "nobody is putting a gun to their head" to make them do business in the US (or any other country). They just want to have their cake and eat it too.

    Better that the market for email be fragmented into hundreds of players each with a variety of strengths (including, but not limited to, their local legal systems) than just a handful of behemoths where one bad policy decision could effect hundreds of millions of users.

    • (Score: 2) by davester666 on Thursday June 12 2014, @06:29AM

      by davester666 (155) on Thursday June 12 2014, @06:29AM (#54455)

      So, the gov't of Yemen can pass a law saying any email can be demanded by their secret service without a warrant, and because Microsoft has an office there, all email anybody has sent or received anywhere on the planet by Microsoft must be turned over? And before you say "Well, Microsoft can just stop doing business there", no, they can't. They have a whole bunch of contracts with individuals, companies and the gov't.

  • (Score: 5, Interesting) by frojack on Wednesday June 11 2014, @04:54PM

    by frojack (1554) on Wednesday June 11 2014, @04:54PM (#54210) Journal

    There, I said it.

    Its about time the company grew a pair. This company rolled over for the NSA on both windows cryptology and skype, and its both encouraging and odd so see them fighting a warrant.

    If they lose, and sadly, I think they may, it would mean any company with even a post office box address in another country would have to honor a warrant from that country to produce records held anywhere in the world.

    I don't think Microsoft will prevali, however. Because if simply keeping records in an off shore location could thwart any court order the rush to hold all such records in other countries, (or even floating) data-centers would cripple just about any investigation. Microsoft already played that card in Novel vs SCO fiasco, you know they would do it again.

    "Oh, so sorry, you can't investigate our illegal stock trading, because those records are overseas. No, the bribery records are kept in this other little country where the current dictator is a good friend of ours."

    Now if Irish Law prevented them from disclosing those records in response to a legally issued warrant, then there arises an interesting stand off. But baring that, I suspect Microsoft will be forced to hand over the emails.

    --
    No, you are mistaken. I've always had this sig.
    • (Score: 2, Insightful) by meisterister on Wednesday June 11 2014, @05:08PM

      by meisterister (949) on Wednesday June 11 2014, @05:08PM (#54218) Journal

      They probably just did it for marketing and PR. They likely know that by not fighting back, they'll lose customers.

      --
      (May or may not have been) Posted from my K6-2, Athlon XP, or Pentium I/II/III.
      • (Score: 1) by Ethanol-fueled on Wednesday June 11 2014, @05:18PM

        by Ethanol-fueled (2792) on Wednesday June 11 2014, @05:18PM (#54224) Homepage

        Especially now, given that they've neglected their strengths and severely weakened their position by engaging in and bungling forays into hostile territory in a suicidally-greedy corporate strategy akin to the failed American foreign policy -- both of which only pissed off their allies and emboldened their enemies.

        It's all bullshit. You bet your ass that when the American government wants something from Microsoft, they'll get it. It's foolish to assume that every three-letter agency down to the most rural constable won't get what they're asking for.

        Fucking BULLSHIT. FUCK!

    • (Score: 5, Interesting) by emg on Wednesday June 11 2014, @05:10PM

      by emg (3464) on Wednesday June 11 2014, @05:10PM (#54219)

      I doubt Microsoft are doing this as a matter of principle, more a matter of survival. They're increasingly looking at 'The Cloud' for future business, and this kind of ruling means no-one in their right mind would use Microsoft 'The Cloud' services.

      Will be interesting, in a few years, to add up how much the mass surveillance debacle has cost the US tech industry.

      • (Score: 2) by marcello_dl on Thursday June 12 2014, @05:39AM

        by marcello_dl (2685) on Thursday June 12 2014, @05:39AM (#54441)

        Indeed, I think that some years ago they would not have dared making this suggestion. Because they didn't have so much data to keep and because such a position implies that "no, I won't remove this copy of windows office, it's stored on a server in Elbonia".

    • (Score: 1, Interesting) by Anonymous Coward on Wednesday June 11 2014, @05:12PM

      by Anonymous Coward on Wednesday June 11 2014, @05:12PM (#54221)

      Who knows? Could just be an effort at public image manipulation, particularly with all the talk of back doors etc in their products and China forbidding official use of Windows 8.x. For all we know it is being orchestrated by the US Government as they would want to keep others using any product they have back doors in or can easily exploit otherwise.

      Call me a paranoid conspiracy theorist or whatever, it is a possibility that should not be overlooked and one I have no doubts other countries, like China, will consider it as well.

    • (Score: 5, Informative) by cliffjumper222 on Wednesday June 11 2014, @05:26PM

      by cliffjumper222 (2628) on Wednesday June 11 2014, @05:26PM (#54229)

      FWIW, EU law prevents transfer of personal information outside the EU unless the receiving countries laws provide the same rigorous protection. As the US's laws don't, there is program that US companies can opt-into that allows transfer should the company guarantee to provide EU-level protection (International Safe Harbor).

      --
      He who dares wins, Rodney
      • (Score: 3, Informative) by lx on Wednesday June 11 2014, @05:51PM

        by lx (1915) on Wednesday June 11 2014, @05:51PM (#54238)

        Don't worry about it. All it takes is some vage promises of protection that aren't worth the paper they're written on and most governments willingly hand over everything.

      • (Score: 5, Informative) by frojack on Wednesday June 11 2014, @06:14PM

        by frojack (1554) on Wednesday June 11 2014, @06:14PM (#54249) Journal

        Yes, and when you look into that you find that any court order or warrant satisfies the EU law.
        Its toothless pandering giving the perception of protection.

        --
        No, you are mistaken. I've always had this sig.
    • (Score: 3, Insightful) by monster on Thursday June 12 2014, @07:04AM

      by monster (1260) on Thursday June 12 2014, @07:04AM (#54464) Journal

      I don't think Microsoft will prevali, however. Because if simply keeping records in an off shore location could thwart any court order the rush to hold all such records in other countries, (or even floating) data-centers would cripple just about any investigation. Microsoft already played that card in Novel vs SCO fiasco, you know they would do it again.

      "Oh, so sorry, you can't investigate our illegal stock trading, because those records are overseas. No, the bribery records are kept in this other little country where the current dictator is a good friend of ours."

      It works quite well for banking, that's for sure.

      Although Microsoft, Google, Apple et al are usually presented as single entities, they are in fact conglomerates of several corporations, usually at least one per country, so in this case it could be that the judge is asking Microsoft Corp (the parent company) email records held in Ireland by Microsoft Ireland Inc. (a subsidiary). It may look simply like a way to thwart the action of courts and the IRS (and it usually also is) but it's standard way to cope with multinational operations, where the involved companies must obey the laws of all involved countries, even if they are incompatible. Doing so for two countries is doable, but doing so for many more at once is impossible.

  • (Score: 5, Insightful) by keplr on Wednesday June 11 2014, @05:15PM

    by keplr (2104) on Wednesday June 11 2014, @05:15PM (#54222) Journal

    We are at a point where the only way to trust that a company will not hand over your data is if they cannot hand over your data. This means they never get to see your unencrypted files and E-mails. If the capability exists, it will be used eventually. Even then you have to trust that the company's business practices are what they say they are. They could simply be lying, or forced to lie by the government. The governments of the world will just ratchet up the pressure until business leaders are forced to cave in, lose their business, face imprisonment, or be disappeared.

    Imagine this alternative reality. Lavar Levinson wasn't such paragon of virtue and decided he liked his business and wanted to keep it. So he gives the NSA the keys to the kingdom. Everything goes on working as it always did, but nothing is secure anymore. Lots of new privacy oriented businesses are appearing. Will all of them stand up and refuse to give in when the NSA comes knocking? How will you know when they're compromised?

    --
    I don't respond to ACs.
    • (Score: 3, Insightful) by Phoenix666 on Wednesday June 11 2014, @09:03PM

      by Phoenix666 (552) on Wednesday June 11 2014, @09:03PM (#54296) Journal

      What you're saying is true, but it still matters because it sends the message to the public that the government must be opposed. That makes it easier for others to resolve to do likewise. The more that becomes a "thing," the more it acquires internal momentum and somewhere within that could occur real changes and real defeats for the police state.

      It also sends a powerful message to schmucks in government, who are mostly risk-averse cowards (they are the only sort who thrive in bureaucracies), and who worship at the altar of private industry: the companies you were hoping will hire you after you leave government don't like you and won't have anything to do with you.

      --
      Washington DC delenda est.
      • (Score: 3, Insightful) by edIII on Thursday June 12 2014, @03:46AM

        by edIII (791) on Thursday June 12 2014, @03:46AM (#54416)

        It's better not to fight directly like that.

        You can't win an ideological war with the government. There's that saying about how the pig doesn't mind getting dirty that applies here. I'm not sure bringing back the true American ideals of freedom are possible anymore without open revolution. I'm that disillusioned and don't think any politician will take a stand to return us our freedoms that we lost.

        The only thing we can do, is fall back, and hit them even harder. Use their own momentum against them and slam their faces into the pavement. The pavement in this case would be the requirement of new laws that are far more frightening than anything we've yet seen. Encryption itself would need to outlawed, unless it had key escrow. I would expect that to raise all kinds of real hell, real fast. Corporations can't afford the costs of implementation and operation, and much of the public would lose their minds. It's a real statement to the effect that citizens are not actually allowed privacy from their government, a rather extreme departure from our founding fathers intentions.

        We can all go there today. It's what the poster that started this whole threat alluded to, and that's zero knowledge services.

        LET THEM take the data. We should encourage the creation of new policies that say corporations can turn over the data to anyone at anytime for any reason. It won't make a damn bit of difference when you possess the only keys in your house. If government wants your data, they will have to do it face to face, or execute some Mission Impossible style raid where they bug all your equipment.

        That's what I want, and what I think is fair. If they consider me a threat, then expend the resources to sneak into my house and bug my equipment. I won't be offended, just amused you went through all that trouble for nothing. I'm not that interesting.

        We use end-to-end encryption similar to ZRTP and SAAS companies that specialize in Zero Knowledge, and you gain a lot more than what you would get with protests, writing letters to deaf Senators, or God forbid, actually wasting your time voting.

        --
        Technically, lunchtime is at any moment. It's just a wave function.
        • (Score: 2) by Phoenix666 on Thursday June 12 2014, @03:41PM

          by Phoenix666 (552) on Thursday June 12 2014, @03:41PM (#54625) Journal

          EdIII, god bless you. I say that because from my faith tradition it means "I support you and wish you well." If you don't share that, OK, but please accept it as an affirmation.

          I have touched enough of government, in its existence through its intelligence services, its diplomatic corps, and its past-Presidents, to know that the individuals who fill its ranks are not smart, not competent, and definitely not interested in serving the interests of the American people. They hold us in contempt. They think they are protected by an infinitely thick layer of reverence and deference from the common citizen such that they never have to worry that someone will call them out. And, if such a thing were to happen, they could quickly and totally discredit that person.

          Except, now we have a medium and reality where people like you and me can make sure they're on record forever, where their actions will be shared with every human down to the last farmer in Rwanda, forever. You and I owe it to our friends, family, and, frankly, ourselves, to make sure we do our utmost to hold them to account. That is not a passive act. It's an active one. In the past, our grandfathers stormed beaches to defend freedom. Now, it's you and me, actively fighting the forces of darkness in the medium we know best.

          Government and the Powers-that-Be know that they're on their last legs. That's why they're so keen to punish everyone. But their control has become brittle and quite breakable. And when we break it, it will be they who face the maximum penalty, not us.

          --
          Washington DC delenda est.
    • (Score: 2, Insightful) by be4verch33se on Wednesday June 11 2014, @11:06PM

      by be4verch33se (1994) on Wednesday June 11 2014, @11:06PM (#54338)

      We almost had this with Firefox sync. It was the first cloud based service as far as I'm aware that stored your encrypted data but not your private key. This, of course meant you had to keep your private key accessible or be able to enter an RSA pairing code with any other device you wanted to sync this data to.

      The service was deemed confusing and it was widely praised on "tech" websites when they abandoned it in favor of simple username and password based syncing.
       
      We live in world full of apathetic lazy morons. It will take a major society crippling event to go back now.

      • (Score: 0) by Anonymous Coward on Thursday June 12 2014, @02:56AM

        by Anonymous Coward on Thursday June 12 2014, @02:56AM (#54400)

        I've been a major critic of the new firefox sync, but you've mis-characterized the new version.

        The protocol is such that there is only one point in time (during account creation) in which mozilla has access to the decryption key. They promise that they don't hang on to the key, and they probably don't (at least not without a court order, so all bets are off). But it is definitely a lot more secure than the typical username/password scheme.

        I wish they would hurry up and make a dead-simple version of the new sync available for people to install on their own servers. If you don't have a good enough internet connection to host it at home, stick it up one of those free-tier amazon cloud instances and you'd be good to go without the risk of Mozilla capture the decryption key.

        • (Score: 2) by lennier on Thursday June 12 2014, @04:33AM

          by lennier (2199) on Thursday June 12 2014, @04:33AM (#54426)

          "there is only one point in time (during account creation) in which mozilla has access to the decryption key. They promise that they don't hang on to the key,"

          What.

          [facepalm]

          Here, type in your banking PIN. I only need it once and I promise I won't hang onto it!

          --
          Delenda est Beta
          • (Score: 0) by Anonymous Coward on Thursday June 12 2014, @04:39AM

            by Anonymous Coward on Thursday June 12 2014, @04:39AM (#54427)

            You should feel proud of yourself for deleting the line that wrote and then restating it yourself without adding one iota of new thought. What a fucking genius you are.

        • (Score: 1) by be4verch33se on Friday June 20 2014, @04:04PM

          by be4verch33se (1994) on Friday June 20 2014, @04:04PM (#58041)

          I've opted to remap my firefox profile location to another folder within my local owncloud file sync. I have an owncloud server on a VPS in Amsterdam. So their idiocy hasn't affected me much beyond a mild annoyance. Unfortunately, everyone on the planet isn't a sysadmin.