The "Microsoft Ireland" Case (Amicus Brief) [Update]
UPDATE: On January 24, 2017, the Second Circuit denied the government’s petition for rehearing en banc. Judge Carney present the court’s rationale in a concurring opinion.
The central issue in this case is whether a domestic search warrant can compel American companies to produce data stored in servers outside the United States.
The “Microsoft Ireland” case began in December 2013 when a district court judge in New York issued a warrant asking Microsoft to produce all emails and other private information associated with a certain account. Most of the user’s data happens to be stored in Ireland datacenter — one of many datacenters Microsoft maintains around the world to improve the speed of its network for foreign users. Microsoft produced account information kept on servers in the United States, but refused to produce any data stored on servers in Ireland, arguing the government’s warrant does not apply extraterritorially. Microsoft moved to vacate the warrant, but the district court found in favor of the government and ordered Microsoft to disclose the data held in Ireland. Microsoft appealed that decision to the U.S. Court of Appeals for the Second Circuit.
The Brennan Center, in conjunction with the Constitution Project, the Electronic Frontier Foundation, the American Civil Liberties Union, and O'Melveny & Myers LLP as pro bono counsel, filed an amicus brief in support of Microsoft Corporation, which cautions the Second Circuit against repeating two significant errors in the lower court’s reasoning. Both errors could have a powerful impact on the future of digital privacy, and therefore merit close consideration.
First, the brief argues that the Fourth Amendment “moment” where digital data is protected, occurs at the point of seizure, regardless of when or whether a law enforcement officer may view it. The government’s contrary view, which the district court accepted, imagines that the Fourth Amendment applies only when law enforcement actually looks at the data, not when it is first copied and seized. This view has dangerous practical implications for Fourth Amendment protections for digital data. Taken to its logical conclusion, it would permit police to copy all data on an unrestricted number of computers and retain that information indefinitely – all without a warrant. The Government’s position on privacy infringement also leaves American internet users vulnerable to foreign governments, who may decide to retaliate by collecting American data within their reach.
Second, the brief takes issue with the government’s assertion that a domestic warrant is functionally similar to a subpoena, and therefore confers the government with the authority to search and seize email abroad. A subpoena, which can be used to compel disclosure of certain business records, is constitutionally insufficient to require disclosure of email – in the United States or abroad. The brief argues that a customer’s emails are private communications, rather than “business records.” As such, a subpoena does not provide analogous authority to obtain email stored abroad.
As increasing amounts of personal data are stored digitally, questions of Fourth Amendment protections for digital data will become even more critical in assuring the future of digital privacy. The Brennan Center is therefore urging the Second Circuit to carefully evaluate the implications of relying on the lower court’s reasoning as it considers this case.