Beta

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

American Judge Claims Jurisdiction Over Data Stored In Other Countries

Soulskill posted about 3 months ago | from the su-casa-es-mi-casa dept.

The Courts 226

New submitter sim2com writes: "An American judge has just added another reason why foreign (non-American) companies should avoid using American Internet service companies. The judge ruled that search warrants for customer email and other content must be turned over, even when that data is stored on servers in other countries. The ruling came out of a case in which U.S. law enforcement was demanding data from Microsoft's servers in Dublin, Ireland. Microsoft fought back, saying, 'A U.S. prosecutor cannot obtain a U.S. warrant to search someone's home located in another country, just as another country's prosecutor cannot obtain a court order in her home country to conduct a search in the United States. We think the same rules should apply in the online world, but the government disagrees.'

If this ruling stands, foreign governments will not be happy about having their legal jurisdiction trespassed by American courts that force American companies to turn over customers' data stored in their countries. The question is: who does have legal jurisdiction on data stored in a given country? The courts of that country, or the courts of the nationality of the company who manages the data storage? This is a matter that has to be decided by International treaties. While we're at it, let's try to establish an International cyber law enforcement system. In the meantime."

cancel ×

226 comments

Sorry! There are no comments related to the filter you selected.

American company (5, Informative)

Todd Knarr (15451) | about 3 months ago | (#46848305)

I think the fact that it's an American company being ordered to produce the data factors in here. The judge does have jurisdiction over the company, which makes it a different situation from ordering a company in another country to turn over data stored there. If you want to get out of a country's legal jurisdiction, you need to be out of their jurisdiction.

Re:American company (1)

Anonymous Coward | about 3 months ago | (#46848359)

Too bad that rule does not apply to American companies' money. It is fine for MS to hide their money in Ireland but woe to them if they have any information on their servers there.

Re:American company (2, Insightful)

Anonymous Coward | about 3 months ago | (#46848625)

They don't hide their money, that is illegal. What they really do is use evey tax loophole they can to shift money around to the most favorable spot on he planet for tax purposes. They report every red cent to the US agencies, and use every trick they lobbied to put into the book to say "Neener neener its legal and you can;t have any."

Been this way for about 20 years or more now, thank you Reagan.

Re:American company (3, Insightful)

K. S. Kyosuke (729550) | about 3 months ago | (#46848389)

What if it breaks the law of the foreign country in question?

Re:American company (4, Insightful)

Anonymous Coward | about 3 months ago | (#46848425)

Then the company is going to have to choose which country's laws to break, and suffer the consequences. In the extreme case, this will result in companies deciding that it's not worth operating in particular sets of countries.

Re:American company (3, Interesting)

knightghost (861069) | about 3 months ago | (#46848571)

What if I encrypted a block of my data, broke those blocks up, then stored separate (non-duplicate) pieces in every country in the world? Would a court need to get every country's permission to assemble the data? Is the data an entity that has to be pursued independently of the owner (me)? Or as the owner, can my citizenship country (or a country that is pursuing me) instead demand all pieces based on me as the owner?

To summarize: Is my data legally independent from me?

Re:American company (3, Informative)

St.Creed (853824) | about 3 months ago | (#46848751)

Data is legally owned and controlled by somebody, and that's the one getting the subpoena. So as far as I know the law over here (IANAL) the answer is yes: the court that can claim jurisdiction can apply its laws and if they say they can order you to give up the data and decrypt it, then you have to.

In my (amateur) opinion, the only way Microsoft would have gotten out of this one is if they had sold the data to another company that would reside in Ireland and that would be legally independent. Say, "MicrosoftDataHolding Ireland". However, *that* company could be ordered by the Irish courts to turn over the data to the Irish government, independent of what Microsoft USA would want. They wouldn't even be part of the case.

Re:American company (1)

ColdWetDog (752185) | about 3 months ago | (#46848855)

Nope. The jurisdiction concerned about the information would need two things: Your physical presence and a rubber hose.

Re:American company (0)

Anonymous Coward | about 3 months ago | (#46848871)

Your data is not legally independent from you. If you are a citizen of country A, storing data in servers physically located in country B, then the government of country A can, given the right circumstances accroding to their laws, subpoena you to retrieve the data in those servers and hand it to them, while country B is capable of confiscating the servers themselves and then it's up to them to figure out how to retrieve the data from them.

Re:American company (0)

Anonymous Coward | about 3 months ago | (#46848463)

That is not the judges problem. If the company can't legally do business in both the US and the other country then it will have to choose one over the other.

Anyway this doesn't bode well for US companies. EU might be the larger market but if US law is incompatible with EU data retention laws they might have to give that region up or sell that part of their company to someone that can legally do business there.

Re:American company (1)

LifesABeach (234436) | about 3 months ago | (#46848545)

Market Share is not the Issue, it's Taxes.

Re:American company (0)

LifesABeach (234436) | about 3 months ago | (#46848531)

Corporations are people too. Maybe m$ in Ireland should be Renditioned to GITMO?

Re:American company (0)

Anonymous Coward | about 3 months ago | (#46848543)

I think the fact that it's an American company being ordered to produce the data factors in here.

I still doubt that makes it legal, national sovereignty still applies. Microsoft America and Microsoft Ireland are legally two different corporations under international law. That's how tax dodging schemes like the double Dutch/Irish sandwich work.

Re:American company (1)

davester666 (731373) | about 3 months ago | (#46848869)

The data is in the cloud, therefore it should be publicly available to everyone.

Re:American company (1)

Jane Q. Public (1010737) | about 3 months ago | (#46848565)

It's a multinational company.

Microsoft's Irish branches are Irish companies. Its U.S. branches are U.S. companies. If they are all owned by the U.S. company, I suppose this might hold. But I'm not exactly an attorney specializing in international affairs, so I don't claim to be an expert in this.

What bothers me primarily is that more and more, the erstwhile "leaders" of the U.S. (I use the term leaders very loosely, because I think many of them are incompetent at actually leading) have seemed to think they have legal jurisdiction over the world.

I hate to disabuse them of that notion, but they really should be disabused of that notion.

Re:American company (1)

Anonymous Coward | about 3 months ago | (#46848677)

Microsoft's Irish branches are Irish companies. Its U.S. branches are U.S. companies. If they are all owned by the U.S. company, I suppose this might hold. But I'm not exactly an attorney specializing in international affairs, so I don't claim to be an expert in this.

If they can claim ownership of the Irish earnings in their US annual reports (or even do stuff like borrow money using those earnings as collateral) then it seems reasonable for the US Judge to either assume they can tell the Irish or other companies what to do, or assume they are committing fraud or theft.

On a related note if a company can declare in the USA that it is making X billions why can't it be required to pay taxes[1] on those said billions? If they are owned by some unrelated Irish company then they shouldn't pay US taxes on it, but then the US company shouldn't be able to behave as if the money belongs to them.

What bothers me primarily is that more and more, the erstwhile "leaders" of the U.S. (I use the term leaders very loosely, because I think many of them are incompetent at actually leading) have seemed to think they have legal jurisdiction over the world.

What bothers me is that they do - go ask Kim DotCom, Snowden, etc.

If they didn't actually have jurisdiction in practice it wouldn't bother me at all.

[1] To avoid double taxation - just require them to pay to USA the difference in US vs Irish tax. If Ireland taxes them more than the USA then they don't have to pay anything. If Ireland taxes zero, then they pay the full to the USA. If they don't like that then they should behave more like separate companies. e.g. the Irish Microsoft CEO can ignore the US CEO on what to do with the billions of US dollars ;).

Re:American company (0)

Anonymous Coward | about 3 months ago | (#46848585)

I think the fact that it's an American company being ordered to produce the data factors in here. The judge does have jurisdiction over the company, which makes it a different situation from ordering a company in another country to turn over data stored there. If you want to get out of a country's legal jurisdiction, you need to be out of their jurisdiction.

But the US judge and law enforcement agency might not have jurisdiction over the (foreign) end customer they're investigating.

The only rational thing to do for the rest of the market, is to avoid trusting US companies altogether...

Re:American company (1)

Anonymous Coward | about 3 months ago | (#46848587)

I think the fact that it's an American company being ordered to produce the data factors in here. The judge does have jurisdiction over the company, which makes it a different situation from ordering a company in another country to turn over data stored there. If you want to get out of a country's legal jurisdiction, you need to be out of their jurisdiction.

Cute theory you have there. Ironically enough, it does not carry over worth a shit into that other realm that we supposedly cannot escape, along with death; taxes.

Seems many a rich American businessman, as well as their American companies, hide trillions in offshore tax havens.

Why the fuck the legal system isn't going after THAT shit makes it crystal clear as to where the corruption is focused, but also makes it clear that one illegality shouldn't be overlooked for another.

Re:American company (2, Informative)

Anonymous Coward | about 3 months ago | (#46848641)

"Why the fuck the legal system isn't going after THAT shit [...]"

Cause they've been paid not to. Lobbied, bought and paid for, our tax system is literally the best money can buy now.

Re:American company (0)

Anonymous Coward | about 3 months ago | (#46848747)

Because if those offshore tax havens published the names of every american senators, former presidents, judges, and high ranking military that have an offshore accounts, then the US republic would blow up ten times over.

Re:American company (3, Insightful)

QuasiSteve (2042606) | about 3 months ago | (#46848679)

Right - that's why AMS-IX opened 'their' NY location as a separate company, so that U.S. jurisdiction can't touch their Dutch operations.

https://ams-ix.net/newsitems/1... [ams-ix.net]

Or so their lawyers are interpreting anyway - probably nothing a stroke of the pen in the U.S. can't make disappear.

Re:American company (5, Interesting)

Em Adespoton (792954) | about 3 months ago | (#46848689)

I think the fact that it's an American company being ordered to produce the data factors in here. The judge does have jurisdiction over the company, which makes it a different situation from ordering a company in another country to turn over data stored there. If you want to get out of a country's legal jurisdiction, you need to be out of their jurisdiction.

What is an "American" company? MS Europe is incorporated in Ireland, has a datacentre in Ireland, and pays taxes in Ireland. The FBI should be approaching the Irish authorities for access to this data.

Or look at it another way: Is Sony USA an American company, or a Japanese company? If it's a Japanese company, that means that the Japanese have the right to all data stored on Sony USA servers.

Or let's take this further: let's say the government of China had reason to believe that Cisco China had an NSA backdoor in its products as they were being deployed in China, and so ordered Cisco USA to turn over all emails, technical specifications and documentation.

Rinse and repeat with pretty much any middle east country and Haliburton.

This is a dangerous precedent for the US to set, as their only possible responses to foreign country's requests for similar information would be either "sure, here it is" or "sorry, we have a bigger army. Don't mess with us." Land of the Free much?

Re:American company (2)

St.Creed (853824) | about 3 months ago | (#46848773)

Well... let's follow up on the argument a bit.

If MS Europe is *really* independent, they can now turn down the request of MS USA for the data and the request will have to go through the Irish courts. But if they are *not* all that independent, and the data is not in fact controlled by them but by MS USA, then they can't interfere, MS USA will have to comply and I can just imagine what the tax authorities are going to do the morning after they produce the data: go after MS with a pretty big hammer.

Interesting case, this :)

Re:American company (5, Informative)

Frobnicator (565869) | about 3 months ago | (#46848759)

I think the fact that it's an American company being ordered to produce the data factors in here.

Close, but wrong.

Being ordered to produce data is called a subpoena. That is the normal tool for producing emails and documents. A subpoena orders the company to find the documents meeting the criteria and produce them for the court.

A search warrant allows LEOs to enter the building, search for everything themselves, and seize anything that might appear to satisfy the warrant. So they would enter the server room and immediately seize any computer that looks like it might have the email on it.

The unnamed government agency got a warrant to seize a bunch of computers, and are acting under the guise that they are asking for specific information.

It is completely the wrong tool. It would be nice to think it was a simple mistake, picking the wrong tool to get information. ... unless it is an agency looking to do far more than find some specific emails. Unfortunately it is probably the latter, given that everything is under seal and they are demanding to allow US federal agents into a non-US facility to seize servers.

Re:American company (0)

Anonymous Coward | about 3 months ago | (#46848907)

The thing is that "this customer" could be an European. But even if the client is an US subject - as long as he is (or his data are) in EU he is still protected by the same EU laws under which Microsoft operates in Ireland (in this case his data, by various EU data protection acts) . So Microsoft is asked to break Irish/EU laws by this fella. If Microsoft (willfully or not) complies, it should be immediately sued by either this EU client or EU officials with possibility of a severe penalty including revoking its right to operate within Ireland/EU. Also the judge which issued this order broke (or influenced to break) the EU law (in EU country), should be prosecuted by these laws and arrested as soon as his foot touches an EU soil.

company and network structure (0)

Anonymous Coward | about 3 months ago | (#46848963)

I think the fact that it's an American company being ordered to produce the data factors in here. The judge does have jurisdiction over the company, which makes it a different situation from ordering a company in another country to turn over data stored there. If you want to get out of a country's legal jurisdiction, you need to be out of their jurisdiction.

It could depend on the structure of the company.

I used to work for $SOFTCO Canada, but my manager was in California and was officially employed by $SOFTCO Inc. I had a team mate in California and another in Switzerland. There were no barriers between the networks of $SOFTCO Canada and $SOFTCO Inc, and one could SSH from our management/bastion host (in California) to any server in Canada, Switzerland, Japan, etc. The network team was similarly distributed with members around the globe, with access to any networking device.

So if $SOFTCO Inc was ever ordered to do something by a court, the US employees had the ability to simply SSH in. How this interacted with Canadian wire tap statutes, privacy regulations, etc., is something you'll need a lawyer to decipher.

If the structure that would have been that I worked for $SOFTCO Canada, with my manager also with $SOFTCO Canada and was physically in Canada, with separate SSH accounts to our servers (on Canadian soil) that were not accessible to USian admins, then the USian warrant can say whatever it wants, but the USian employees would in that case not be able to do anything (short of trying to break in).

If US cloud providers want to provide guarantees to foreigners about privacy and protection, they'll need to start segmenting off their non-US data centers both in HR reporting structures, and admin accounts.

No jurisdiction (0)

jonfr (888673) | about 3 months ago | (#46848311)

U.S has no legal jurisdiction in other countries. This verdict is meaningless. Just watch other nations laugh this off.

Re:No jurisdiction (0)

Anonymous Coward | about 3 months ago | (#46848349)

It's all fun and games until said American company gets its ass kicked by the US Justice System for not helping them retrieve the data.

Re:No jurisdiction (2)

fustakrakich (1673220) | about 3 months ago | (#46848351)

They're not demanding from the countries. They're going after Microsoft, which happens to have offices in the US. Either way, those who believe should encrypt their mails. The rest can hide their secret messages in spam.

Re:No jurisdiction (4, Informative)

devman (1163205) | about 3 months ago | (#46848373)

Microsoft, however, is subject to the jurisdiction of the U.S. Federal Court system, and when a Magistrate Judge orders them to produce something, they are compelled to produce it. It doesn't really matter where the something is. Basically the court is saying the search warrant can be executed like a subpoena.

From the linked article:
A search warrant for email information, he said, is a "hybrid" order: obtained like a search warrant but executed like a subpoena for documents. Longstanding U.S. law holds that the recipient of a subpoena must provide the information sought, no matter where it is held, he said.

Re:No jurisdiction (1)

cHiphead (17854) | about 3 months ago | (#46848483)

This pretty obviously needs to be a subpeona, a search warrant is from a law enforcement standpoint and that has zero use for data in a physical location outside the US. It's an attempt to end run around the system and it's far reaching and needs to be quashed immediately.

Re:No jurisdiction (1)

Yakasha (42321) | about 3 months ago | (#46848627)

This pretty obviously needs to be a subpeona, a search warrant is from a law enforcement standpoint and that has zero use for data in a physical location outside the US. It's an attempt to end run around the system and it's far reaching and needs to be quashed immediately.

I see lots of money being made in the WAN acceleration industry.

Re:No jurisdiction (1)

LifesABeach (234436) | about 3 months ago | (#46848575)

I was wondering if it also applies to agents, franchises, and licensees of a person?

Re:No jurisdiction (0)

Anonymous Coward | about 3 months ago | (#46848605)

My passive-aggressive solution with any beauracracy is to immediatley comply with requests of this nature. Shift the liability over to the power infatuated judge. Turn off all backup systems, checksum the original data and carefully deliver a couple 747's worth of hard drives to his office fedex overnight.
with a note that says - good luck asshole, make sure we get it back in one piece. Then your lawsuit for damages becomes much more winnable. Especially with the insurance company lawyers.

Re:No jurisdiction (1)

budgenator (254554) | about 3 months ago | (#46848727)

The alternative would be to go in and physically remove the server; then have all the data on the drives vulnerable to the whims of law enforcement.

Spanish Civil Law? (0)

Anonymous Coward | about 3 months ago | (#46848481)

How does this assertion square against the Spanish law that allows them to prosecute foreign citizens for crimes against humanity committed outside Spain?

Re:No jurisdiction (4, Informative)

Brett Buck (811747) | about 3 months ago | (#46848569)

The search warrant analogy is completely spurious. An American court cannot compel a search of a foreign property. But they can certainly compel an American company (or individual) to produce information owned by the company that happens to reside in a file folder in another country, or be liable for contempt of court.

      Sensationalism, thy name is slashdot.

      Brett

Re:No jurisdiction (3, Insightful)

Kjella (173770) | about 3 months ago | (#46848775)

In what appears to be the first court decision addressing the issue, U.S. Magistrate Judge James Francis in New York said Internet service providers such as Microsoft Corp or Google Inc cannot refuse to turn over customer information and emails stored in other countries when issued a valid search warrant from U.S. law enforcement agencies.

Emphasis mine. I read this to mean that if you use any US owned mail provider the FBI can subpoena anything they want through a US judge. That just seems horribly wrong and would put the world wide operation of any company at the mercy of the jurisdiction where they're headquartered. By this logic the NSA can get a subpoena to demand all US companies turn over any information they got anywhere in the world. You could never trust a foreign company to follow local laws. If this stands it's a horrible precedent.

Re:No jurisdiction (1)

Immerman (2627577) | about 3 months ago | (#46848957)

Now you're getting it. Deal with an American company, you deal with American law, in addition to local law. If those conflict then it simply comes down to which law the company is least willing to break.

Consider, the opposite precedent is even worse - if Microsoft is allowed to hide it's records simply because it stored them overseas then *every* company (and private individuals as well) can reasonably be expected to do the same. Using the company as your private piggy bank? Keep the financial records offshore so the IRS can't demand them. Dealing in the illegal arms trade? Make sure all your records and merchandise remain in countries that don't mind and you can operate openly in the US. All the benefits of operating as an American company, plus the ability to easily sidestep any attempt to crack down on you.

What we really need is a body of international law (treaties could work) governing the regulation of international companies. As it is now the companies are in many ways above the law, they need only dance between jurisdictions enough to muddy the waters and they can get away with almost anything.

Re:No jurisdiction (1)

Coditor (2849497) | about 3 months ago | (#46848859)

If the data in question is protected by a foreign law from being disclosed to anyone, such as personal information protected by the EU, then if the company were to disclose this information to a third party such as the court, it would be in violation of that country's laws. Damn if you do and damned if you don't. Who do you want to piss off more? International law is highly complex and probably shouldn't be handled by judges at a local level. I would expect the state department would get involved, as it might cause all sorts of grief to the country.

International cyber law enforcement system??? (-1, Troll)

fustakrakich (1673220) | about 3 months ago | (#46848325)

Oh murrrrder! Yes, let's put everybody at the mercy of corrupt judges the world over

Re:International cyber law enforcement system??? (-1)

Anonymous Coward | about 3 months ago | (#46848357)

Troll

Authoritarians of the world unite!

Re:International cyber law enforcement system??? (1)

LifesABeach (234436) | about 3 months ago | (#46848583)

A Judge asks for information to make a decision, and because of that, the Judge is corrupt?

Re:International cyber law enforcement system??? (1)

Frobnicator (565869) | about 3 months ago | (#46848717)

No, because the judge and (LEOs) are using the wrong tool.

A subpoena is an order to produce a document (or to require a person to appear). This is the tool they would normally use to get an email or any other document. The LEOs do not get any access except to have the document produced.

A search warrant is an order allowing LEOs to immediately search everything they want, and then seize whatever they think satisfies the warrant.

Normally a subpoena is used to get an email. The company searches their databases and provides it. Using a search warrant is absurd, it means the police break into the server room, and say "This computer seems like it might have email, we're seizing it."

Of course, that may be EXACTLY what the LEOs are trying to do in this case, but barring some exceptional power-grab by LEOs, it is the wrong legal tool.

Re:International cyber law enforcement system??? (1)

LifesABeach (234436) | about 3 months ago | (#46848845)

The Judge ordered the information, there's not much a LEO can do except comply; or appeal to a higher court. This could be considered a stalling tactic. As for the reference to the judge as a tool; now I see comedy.

A possible solution? (1)

Decrepitude (3628165) | about 3 months ago | (#46848331)

The problem is that most of the large computer and internet companies are American. I can think of two solutions. 1) Governments set up their own sovereign companies to duplicate the US companies services 2) The large US companies (who appear not to like this ruling) could establish foreign owned subsidiaries in those countries.

The Chinese business model ... (0)

Anonymous Coward | about 3 months ago | (#46848409)

The problem is that most of the large computer and internet companies are American. I can think of two solutions. 1) Governments set up their own sovereign companies to duplicate the US companies services 2) The large US companies (who appear not to like this ruling) could establish foreign owned subsidiaries in those countries.

That model works for China ... what could go wrong other than control of your products, technology and intellectual property?

Re:A possible solution? (0)

Anonymous Coward | about 3 months ago | (#46848473)

#2 is far more likely as well as being more plausible, unless you happen to live in a country like China, whom will most likely opt for #1

Re:A possible solution? (0)

Anonymous Coward | about 3 months ago | (#46848521)

The large US companies are already using foreign entities as tax evasion enablers. So the short term method is to change US law. The immediate response then is the US operations will then become subsidiaries of their Cayman Islands operations (like Stanley Tools did...). So then the US will only be likely to corece info from the US operations within the US, unless there are the equivalent of extradition treaties for various types of alleged criminal actions set up between countries...

Slightly misleading... (2, Insightful)

Anonymous Coward | about 3 months ago | (#46848335)

The judge said that the warrant served on Microsoft is valid, meaning that Microsoft, which has control of the servers in Dublin, can be required to use its access to its own servers to turn over information within its control. Nothing Earth-shattering here.

Re:Slightly misleading... (1)

Anonymous Coward | about 3 months ago | (#46848363)

Exactly. It strikes me as akin to requiring Microsoft via subpoena to provide documents they have stored on paper in Ireland vs. busting down the door of their Ireland office and confiscating them.

I'm not really sure what it means for data to "reside" in a particular country, but if the only copy is on a physical disk in a physical location, that's pretty straightforward. The fact that it may be copyable over a network doesn't change the fact that it's a physical record just like a piece of paper.

Re:Slightly misleading... (2)

Richard_at_work (517087) | about 3 months ago | (#46848379)

And what happens when Ireland, the UK, the EU etc pass laws which specifically prevent Microsoft et al from responding to such warrants when they are issued from countries where the data does not reside?

Microsoft would be between a rock and a hard place.

Already in place.... (3, Informative)

CaptainOfSpray (1229754) | about 3 months ago | (#46848435)

EU law already makes it illegal to pass "personal data" to any location which lacks the protections available in Europe. The so-called Safe Harbor provisions apply for te US situation, but everyone who understands the EU law knows that the Safe Harbor arrangements are just smoke and mirrors - they afford precisely no protection at all - they exist to enable EU companies to export data to the US while claiming they have complied wth the law.

Re:Slightly misleading... (0)

Anonymous Coward | about 3 months ago | (#46848507)

And what happens when Ireland, the UK, the EU etc pass laws which specifically prevent Microsoft et al from responding to such warrants when they are issued from countries where the data does not reside?

Microsoft would be between a rock and a hard place.

Well, the UK, EU, etc, can not pass laws that prevent a USA company to respond to a USA warrant (and vice versa), but even if such a -stupid- law is passed then any USA company must decide if they should remain a USA company (forced to respecting USA laws) - in any case companies/people should stop be "surprised" when they are forced to stop taking advantage of "multiple nationality".

Re:Slightly misleading... (2)

Trepidity (597) | about 3 months ago | (#46848813)

That's precisely why Microsoft is opposing this order, not so much to avoid turning this particular data over, but because it may damage their European business. Microsoft has made a big marketing push in Europe trumpeting that their cloud products comply with EU data-protection laws, and this has been somewhat successful: several big companies and universities have signed up with Office 365 as their email/calendaring provider, in part because they were convinced that doing so is compatible with their obligations under EU law. Google in particular has usually not been in the running, because they can't or won't certify that data in Google Apps for Business is treated in accordance with European regulations, whereas Microsoft has been claiming that data in Office 365 is.

Re:Slightly misleading... (1)

Barsteward (969998) | about 3 months ago | (#46848381)

Only if the data belongs to american citizens, they shouldn't have access to Irish citizens' data

Re:Slightly misleading... (1)

Immerman (2627577) | about 3 months ago | (#46848973)

Ah, but it's not Irish citizen's data - it's Microsoft's data about Irish citizens. Possession is 9/10ths of the law after all. I'd bet you good money that the EULA even says something to that effect down around page 29475.

Re:Slightly misleading... (0)

Anonymous Coward | about 3 months ago | (#46848393)

I know Slashdot loves US bashing, but this isn't trespassing on other nation's sovereignty. It is far closer to demanding a company in the US that had a stolen car stored stashed in Mexico to cough it up as opposed to a judge in the US demanding someone in another at random in another country to cough up their property.

Yes, it might be great news and it gives grist for the propaganda/psy-ops mills... but this article and the truth are far apart.

Re:Slightly misleading... (1)

rossdee (243626) | about 3 months ago | (#46848819)

Sent it to them at 300 baud

Many questions but single answer. (0, Troll)

140Mandak262Jamuna (970587) | about 3 months ago | (#46848339)

The question is: who does have legal jurisdiction on data stored in a given country? The courts of that country, or the courts of the nationality of the company who manages the data storage?

There are myriad of such questions. But the answer is always the same, "whatever is in the best interests of the richer guy".

Actually the rich are losing in this case ... (0)

Anonymous Coward | about 3 months ago | (#46848371)

The question is: who does have legal jurisdiction on data stored in a given country? The courts of that country, or the courts of the nationality of the company who manages the data storage?

There are myriad of such questions. But the answer is always the same, "whatever is in the best interests of the richer guy".

You are wrong. The richer guy is Microsoft in this case and the richer guy is being told to hand over his overseas data.

Re:Actually the rich are losing in this case ... (1)

Curunir_wolf (588405) | about 3 months ago | (#46848451)

The question is: who does have legal jurisdiction on data stored in a given country? The courts of that country, or the courts of the nationality of the company who manages the data storage?

There are myriad of such questions. But the answer is always the same, "whatever is in the best interests of the richer guy".

You are wrong. The richer guy is Microsoft in this case and the richer guy is being told to hand over his overseas data.

Nope. Microsoft may have a lot of money, but the guy they're up against here is the US Federal government, an entity with nearly $3 TRILLION per year in revenues (and $4 TRILLION per year in expenditure), clearly by far the "richer guy".

Re:Actually the rich are losing in this case ... (0)

Anonymous Coward | about 3 months ago | (#46848523)

The question is: who does have legal jurisdiction on data stored in a given country? The courts of that country, or the courts of the nationality of the company who manages the data storage?

There are myriad of such questions. But the answer is always the same, "whatever is in the best interests of the richer guy".

You are wrong. The richer guy is Microsoft in this case and the richer guy is being told to hand over his overseas data.

Nope. Microsoft may have a lot of money, but the guy they're up against here is the US Federal government, an entity with nearly $3 TRILLION per year in revenues (and $4 TRILLION per year in expenditure), clearly by far the "richer guy".

In the real world, people like Vince McMahon can and have won against the US Government.

Re: Actually the rich are losing in this case ... (0)

Anonymous Coward | about 3 months ago | (#46848975)

How much of that 3 trillion is Microsoft's money in the first place (taxes, lobby, senatorial $1000/plate dinners, etc)?

Re:Actually the rich are losing in this case ... (0)

Anonymous Coward | about 3 months ago | (#46848471)

Well, i haven't got this whole thing figured out, but my observation is when Microsoft has a problem they call their lawyer. When warren Buffett has a problem, he calls the President of the United states.
Who you call when you have a problem (if anyone) should clarify where you fit in to this whole freedom/power/rich guy delusion we all pursue.

Re:Many questions but single answer. (0)

Anonymous Coward | about 3 months ago | (#46848675)

Really? I thought the answer was both countries.

Email v. Physical Search Warrant (1)

billybacs (1440925) | about 3 months ago | (#46848375)

The last paragraph notes that email warrants are typically treated like subpoenas. Given that the U.S. have coordinated with local law enforcement before (Kim Dotcom), why would the increased overhead significantly hinder investigations? At a minimum, fishing expeditions would be minimized, so I see no reason for the distinction to continue. This would make for an interesting SCOTUS decision if it gets to that point.

Silver Lining? (0)

Anonymous Coward | about 3 months ago | (#46848377)

Maybe this will end up requiring that the data stays in the U.S., complicating off-shoring.

Re:Silver Lining? (0)

Anonymous Coward | about 3 months ago | (#46848609)

Or it could result in said corporation keeping all its data off-shore, including all its offices, which would leave them having the last laugh at the USA.

Re:Silver Lining? (0)

Anonymous Coward | about 3 months ago | (#46848815)

That would be good too, we don't need these "American company in name only" outfits like I.B.M. - Indian Business Machine.

The nationality of the company (0)

mbone (558574) | about 3 months ago | (#46848395)

With apologies to various political hacks in the judiciary, corporations are not people, and this is one of many examples why, If I had a house in Ireland, and the US wanted something in it, they couldn't do much about it legally without going through the proper legal channels (e.g., applying to an Irish judge), especially if I was also residing in Ireland. Companies reside in the countries they do business in, which means they are located anywhere and everywhere, and subject to the laws of all of those countries, especially the nation that they are incorporated in.

So, this is not surprising at all. I bet, too, that if Microsoft had some paper documentation relevant to this case , and those papers were in Ireland, the judge could order Microsoft to turn that over too.

US Court did *not* say corporations are people ... (2)

drnb (2434720) | about 3 months ago | (#46848441)

With apologies to various political hacks in the judiciary, corporations are not people ...

Actually the U.S. Supreme Court did *not* say that corporations are people. What the court actually said is that *groups of people* have the same rights as individual people, and that the nature of that group -- corporation, labor union, activist group, etc -- does not matter.

I apologize of actually reading the court decision rather than relying on the characterization of it by the talking heads on TV.

Re:US Court did *not* say corporations are people (2)

cryptolemur (1247988) | about 3 months ago | (#46848527)

Amusingly enough, "corporation" comes from latin word meaning a "group of people"... so where's the difference?

Re:US Court did *not* say corporations are people (1)

LifesABeach (234436) | about 3 months ago | (#46848713)

Then when that group of peoples actions kill a person, it should be treated as Murder? or Industrial Accident?

Team America Jurisdiction Decider (-1)

Anonymous Coward | about 3 months ago | (#46848397)

America...
America...
America, FUCK YEAH!
Coming again, to save the mother fucking day yeah,
America, FUCK YEAH!
Freedom is the only way yeah,
Terrorist your game is through cause now you have to answer too,
America, FUCK YEAH!
So lick my butt, and suck on my balls,
America, FUCK YEAH!
What you going to do when we come for you now,
it's the dream that we all share; it's the hope for tomorrow

FUCK YEAH!

McDonalds, FUCK YEAH!
Wal-Mart, FUCK YEAH!
The Gap, FUCK YEAH!
Baseball, FUCK YEAH!
NFL, FUCK, YEAH!
Rock and roll, FUCK YEAH!
The Internet, FUCK YEAH!
Slavery, FUCK YEAH!

FUCK YEAH!

Starbucks, FUCK YEAH!
Disney world, FUCK YEAH!
Porno, FUCK YEAH!
Valium, FUCK YEAH!
Reeboks, FUCK YEAH!
Fake Tits, FUCK YEAH!
Sushi, FUCK YEAH!
Taco Bell, FUCK YEAH!
Rodeos, FUCK YEAH!
Bed bath and beyond (Fuck yeah, Fuck yeah)

Liberty, FUCK YEAH!
White Slips, FUCK YEAH!
The Alamo, FUCK YEAH!
Band-aids, FUCK YEAH!
Las Vegas, FUCK YEAH!
Christmas, FUCK YEAH!
Immigrants, FUCK YEAH!
Popeye, FUCK YEAH!
Democrats, FUCK YEAH!
Republicans (republicans)
(fuck yeah, fuck yeah)
Sportsmanship
Books

Trend of Anti-Americanism by US government (0)

qwijibo (101731) | about 3 months ago | (#46848419)

Looks like the court is saying that US companies have to spin off separate companies to exist in markets that require that sensitive data stay within the country/region.

Combine this with actively subverting security of US based products and it sounds like internet based companies need to be run and hosted outside the US.

Apparently our government is entirely staffed by people who completely missed the point of King Solomon's cut the baby in half ruling.

Re:Trend of Anti-Americanism by US government (0)

Anonymous Coward | about 3 months ago | (#46848599)

Companies already do this. Microsoft US is not the same as Microsoft India/Iteland/UK. This is how international business works. They make foreign legal entities that they have controlling interest in. The judge is basically telling MS US to get the data they own and owe to the court. Doesn't matter if its in a foreign country.

Now if that country prevents MS from getting the data, that is what MS should argue on why it can't produce. They can't just say, "We hid it in our foreign subsidiary, you can't touch it!"

a tiny symptom of the real problem (1)

roman_mir (125474) | about 3 months ago | (#46848421)

This is just a tiny, minute symptom of the real problem in America, which is lack of individual freedoms, completely destruction of Constitutional government, government ruled by the law, which means government that does not go beyond its few authorised functions, a government that applies laws equally to all people regardless of their circumstances. USA government (and the so called 'justice system') is not ruled by the Constitution - the Supreme law of the land, no. It is a system of systems, so to speak, a system that exists only for one purpose, to promote its own power, to increase its own power. It is not a system that exists to ensure rights of people and general welfare (which does not mean personal welfare), it exists to promote power of the few over the many and it promotes special cases of personal welfare in enormous quantities for the select few and in special quantities for at least half of the population to ensure that the government can maintain its power. The government power depends squarely on the tacit and explicit approval by the mob, the crowd. A civil war is inevitable, it will follow the economic implosion. Make sure that once that happens you don't set up another form of totalitarian government but instead you set up a libertarian one.

Don't tread on me..l. (0)

Anonymous Coward | about 3 months ago | (#46848449)

Hey American judge! Don't tread on me! Your jurisdiction ends at the border. You can request, and if there is a treaty we will try to oblige (given equal reciprocity). But demand? That's a guns/shooting/go-fuck-yourself sort of thing. Where the data is stored is where the data is. If the judge tries to pull this kind of crap, then at the very least expect cloud services migrating to non-American companies. Oh, and the rule is: if an American Judge demands things from people in other countries, the letterhead might be impressive, but it can be treated like a request from a Nigerian socialite trying to liberate billions and only needing a few bucks from you: round file.

excellent (1)

zugedneb (601299) | about 3 months ago | (#46848491)

Now, we fucking sleepy europeans can start implementing our own shit for a change.
Also, it would be nice if the US would put a ban on export, and NDA on any and all science and technology made in the US.
That way we may have a reason to catch up in some areas.

But, probably not. We would just start licking japanese and chinese anus even more, making shit is to much communism for our taste...

Good job. (1)

nashv (1479253) | about 3 months ago | (#46848499)

The judge has now made sure that no American company will ever admit to having stored any data anywhere, or risk losing business.

Re:Good job. (0)

Anonymous Coward | about 3 months ago | (#46848659)

The judge has now made sure that no American company will ever admit to having stored any data anywhere, or risk losing business.

Cute. Name one major US corporation that is NOT also in the business of data mining their customers data for profit.

Fat fucking chance of convincing even the densest moron behind the bench that you have no data...

Re:Good job. (0)

Anonymous Coward | about 3 months ago | (#46848929)

Then they get charged with perjury, and face sanctions for that.

And Denmark just sold its digital IDs to USA... (5, Interesting)

Anonymous Coward | about 3 months ago | (#46848517)

Denmark recently sold its digital infrastructure (digital identities, national bank payments, etc) to a US company. The Danish government said there was nothing to worry about, because the servers would still be in Denmark. Thank you, USA, for proving the Danish government wrong.

Re:And Denmark just sold its digital IDs to USA... (1)

cheesybagel (670288) | about 3 months ago | (#46848779)

You should know better than that.

KURSUS DESAIN INTERIOR (-1)

Anonymous Coward | about 3 months ago | (#46848539)

https://flashcomindonesia.wordpress.com/2013/04/18/kursus-desain-interior-surabaya/

Re:KURSUS DESAIN INTERIOR (0)

Anonymous Coward | about 3 months ago | (#46848561)

it's very good

Credibility (0)

Anonymous Coward | about 3 months ago | (#46848547)

I have many big problems with this.

It would be so much more economical and efficient for DoJ to send in a Goon-Squad of 100 to MS HQ in Seattle and just kill people !

What is to stop them ! Obama OWNS every butt in DoJ. Obama has claimed he has the right to kill, kidnap and torture any human beings on Earth so long as doing so .... Pleasures Him.

So why doesn't Obama ratchet up his 'Bad Kenyan' and send DoJ to MS Seattle and kill about 10% of the employees on Campus.

No one in Seattle, or any other place on Earth, will lift and finger or bat an eye.

Will 'the boys' in the Pentagon have a shit fit of outrage ?

Nope !

Get the facts. (2)

MouseTheLuckyDog (2752443) | about 3 months ago | (#46848549)

I mean come on!
This is reported on by Reuters, and they do not supply a link to the ruling itself. Which means they probably state the ruling all wrong and also leave out important details. In fact one detail I see at once is missing. Whose emails are these?

They could be Boris Putins,.or Kim Dotcoms, in which case I would have severe problems with the judges orders.
Or they could be Dread Pirate Roberts, or even Microsofts operating emails stored in Dublin just to avoid having to turn them over in which case I would have no problems with the judges orders.

In any case please get us all the facts before putting up such a story.
Is that really too much to ask?

Cyber Law? (2)

ultranova (717540) | about 3 months ago | (#46848631)

The question is: who does have legal jurisdiction on data stored in a given country? The courts of that country, or the courts of the nationality of the company who manages the data storage? This is a matter that has to be decided by International treaties. While we're at it, let's try to establish an International cyber law enforcement system. In the meantime.

Why would I want to build an enforcement system when I don't know who's rules it will end up enforcing? Chinas? North Koreas? NSAs?

Hello world! (0)

Ihlosi (895663) | about 3 months ago | (#46848633)

Please bend over.
Regards,
A.

Seriously, is this even news? FATCA, anyone?

Kiss cloud services goodbye (0)

Anonymous Coward | about 3 months ago | (#46848699)

Hello internet, it was nice knowing you.

Really, people you're stupid if you've been using VPS and cloud services already, this is just the icing on the cake. If you don't to deal with US overreach, then you need to store your private data in the very same places rich people have been storing their money and don't give a care about US law.

In all seriousness, this basically says not to outsource to US-owned companies. Cloud/VPS services are effectively outsourcing the data processing and storage, even if it's physically somewhere else.

ryty (0)

Anonymous Coward | about 3 months ago | (#46848753)

From the other side, if the US courts don't have jurisdiction, every time a US company is required to provide data on an individual or group of individuals or the company itself, they could move it outside of country and avoid due law.

The UN needs to settle this as a whole. There should be a cyber-law enforcing that if data is required (is required being qualified whole-heartedly), that one country's courts work with another country's courts to obtain the data required.

American courts can not enforce data acquisition in another country because they do not always have the appropriate physical presence in the country of data storage. It should be the courts of the country containing the data that promise to uphold data acquisition as part of an international treaty.

TIme ot stop using all american services (0)

Anonymous Coward | about 3 months ago | (#46848783)

BYE and thats right go fuck yourself

Retribution (0)

Anonymous Coward | about 3 months ago | (#46848795)

Ireland could simply bomb the offending courts. They have the experience. Our country escalates disputes to military actions all the time.

American? (1)

Jim Sadler (3430529) | about 3 months ago | (#46848897)

These days the public has a concept of what an American company is but i'm not so certain that the law shares the same concept. Corporations are multi-national these days and frankly the nature of multi national corporations sucks bilge water. Here is why: Going into WWII the Coca Cola company felt that they would take heat for producing product in Germany. So they created the Fanta line of sodas. That way they could still make money on all those lovely Nazi soldiers while keeping the public unaware that they were actively doing business within the Reich. Meanwhile IBM was actually aiding in the data handling of people inside the concentration camps. Wouldn't a normal person assume that these companies would have been seized and shut down with their assets held for the war effort? Who made money by allowing these conditions to exist?

In related news... (1)

vomitology (2780489) | about 3 months ago | (#46848917)

Every company based in America just packed up its stuff and left the country. Democracy in action!

Interpol? (0)

Anonymous Coward | about 3 months ago | (#46848919)

Don't multilateral police cooperation agreements already permit cross-country law enforcement? Just sayin'.

The other countries need protect jurisdiction (1)

mysidia (191772) | about 3 months ago | (#46848927)

I would suggest a law that forbids information to be retrieved from servers for the purposes of satisfying a warrant or supposed legal order that has not been validated by a court within jurisdiction.

The question is: who does have legal jurisdiction on data stored in a given country? The courts of that country, or the courts of the nationality of the company who manages the data storage?

Whose email is being searched? That matters too. (0)

Anonymous Coward | about 3 months ago | (#46848965)

Article doesn't say the nationality of the person whose email is being sought, or where they are. There are multiple possibilities.

1. I'm a US national living in the US, and Microsoft happens to host my Hotmail account in Ireland. I don't really have too much problem with the idea that a federal search warrant applies in this situation. Microsoft and me are both under US jurisdiction.

2. I'm an Irish national physically present in the US, accessing my Irish-hosted Hotmail account from my location in the US. Maybe this is slightly shakier and lawyers can argue about it, but again I'm under US jurisdiction.

3. I'm a US national living in Ireland, accessing my Irish-hosted Hotmail account from Ireland. Now I have more of a problem with the idea of a US search warrant applying, but that's because there's some legal subtlety about US jurisdiction over what I do there. Lawyers can go figure it out and I'll probably believe what they say.

4. I'm an Irish national living in Ireland, accessing my Irish-hosted hotmail account from Ireland, so I'm not under US jurisdiction in any sane way. This is the case that destroys Microsoft if the search warrant sticks. For Microsoft to have any credibility with non-US customers, the US better deal with the Irish government and get an Irish warrant if it wants access to my email. There is international cooperation among law enforcement so if the US think I'm involved in smuggling Guinness beer from Dublin to Boston, they can contact the Irish government and get a damn warrant if their evidence supports it. It's not like their ability to fight crime is thwarted. I think people are mostly imagining this situation, but it's NOT clear from the article that it's the one that applies. They could be trying to get the email of an American.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?
or Connect with...

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>