Saturday, March 3, 2018

U.S. v. Microsoft Has Big Implications for Data Privacy & Security


Wired Magazine reporting on U.S. v. Microsoft, a case before the US Supreme Court has stated that "Five years ago, US law enforcement served Microsoft a search warrant for emails as part of a US drug trafficking investigation. In response, Microsoft handed over data stored on American servers, like the person’s address book. But it didn’t give the government the actual content of the individual’s emails, because they were stored at a Microsoft data center in Dublin, Ireland, where the subject said he lived when he signed up for his Outlook account. In a case that begins Tuesday, the Supreme Court will decide whether those borders matter when it comes to data.

As the case has worked its way through appellate courts, Microsoft has taken the position that US law enforcement needs to go through Irish authorities if they want to obtain the emails. The United States has a Mutual Legal Assistance Treaty with Ireland, as it does with over 60 other countries and the European Union. Microsoft holds that US law enforcement could simply use the MLAT to ask Irish authorities for help.

The Justice Department argues that the warrant issued in the US should suffice, without needing to deal with Ireland to obtain the emails. It says the warrant is valid not because it has international reach, but because the actions required for Microsoft to obtain the data could take place within the United States. In other words, the government is saying that copying or moving the subject’s emails stored in Ireland isn’t search and seizure - only directly handing the emails to the US government is." 


Commenting on Internet security, renowned security expert Bruce Schneier has stated: "If there's a lesson here, it's that the Internet constantly generates data about what people are doing on it, and that data is all potential evidence. The FBI is 100% wrong that they're going dark; it's really the golden age of surveillance, and the FBI's panic is really just its own lack of technical sophistication."


No comments:

Post a Comment

Note: Only a member of this blog may post a comment.