Privacy, data localization laws at stake as US Supreme Court takes Microsoft-DOJ Irish email case

In a potential landmark case that could have far reaching ramifications for user privacy and transatlantic business, the U.S. Supreme Court has agreed to hear a dispute between software giant Microsoft and the Department of Justice, related to private emails stored on servers outside of America.

The DOJ lost a previous decision to Microsoft in a lower court ruling last year, but the department appealed that decision under new leadership with the Trump administration.

The DOJ hopes it will be able to convince the Supreme Court to allow it to use a warrant to obtain messages from servers housed in Ireland. The case involves an account officials say was used for drug trafficking,

The high court’s decision will cause ripples throughout the technology world, potentially affecting how companies store user data, at a time when cloud-based services are more popular than ever with consumers.

The decision will also affect law enforcement, which believes it should have a right to obtain data held outside of the country when necessary. The DOJ, backed by 33 states, has argued that a Microsoft victory could hamper active criminal investigations, and could provide a pathway for criminals to ensure their online exchanges stay away from police.

But to Microsoft, granting law enforcement the ability to access data stored overseas could set a dangerous precedent.

“If the U.S. government can unilaterally use a warrant to seize emails outside the United States, what’s to stop other governments from acting unilaterally to seize emails stored inside the United States?” Microsoft President and Chief Legal Officer Brad Smith wrote in an official blog post from the Windows maker. “At a time when countries are rightly worried about foreign government hacking, the DOJ’s interpretation would open the door to accomplishing the same thing.”

Another potential outcome of the Supreme Court’s decision could see the rise of data localization mandates, essentially requiring companies to house or clone cloud data locally, to ensure law enforcement can access it when allowed by warrant.

Tech companies, including Microsoft, have been pushing for for current laws to be reformed, particularly the Electronic Communications Privacy Act, which Smith noted was enacted decades before cloud computing existed.

“The current laws were written for the era of the floppy disk, not the world of the cloud,” he wrote. “We believe that rather than arguing over an old law in court, it is time for Congress to act by passing new legislation.”

The Supreme Court is scheduled to hear U.S. v. Microsoft in early 2018, and a final decision from the court is expected by June.