
U.S. judge rules search warrants extend to overseas email accounts - nmjenkins
http://www.reuters.com/article/2014/04/25/us-usa-tech-warrants-idUSBREA3O24P20140425
======
mkempe
Overall the US government acts as if other countries are not really sovereign
entities, because software is eating the world. Hence the US is entitled to
listen to everything non-US people say, read everything non-US people write,
search data not stored on US soil, monitor non-US financial transactions, etc.
All without having to respect any law of any other country.

The EU data protection bans storage of data about EU citizens outside the EU.
Eventually the ban may have to include storage of data by US companies, even
if in the EU.

This is going to end badly for American Internet companies. It's not just the
NSA scandals. Americans need to realize that people outside the US have
options, and at some point it will become a major handicap to be a US business
-- seen as a conduit for US government power and spying.

I don't see how the US could or will step back from these abuses of power.

~~~
rmthompson
They aren't, sovereignty is only a concept when each nation is capable of
independence through economic, resource, and most importantly military. Since
America spends more money on military than the next 9 largest spenders
combined, America doesn't have to respect sovereignty. America's goal is to
feed it's consumption, and ensure that nothing threatens the way of life for
the wealthy at the cost of other nations. It frustrates me to no end because
although I really hate this as a concept and practice, I really enjoy being
given the opportunities that that this enables.

~~~
naterator
Yea, that's great and all but what happens when China and it's 1.4 billion
people get their stuff together?

It's astounding that it seems that few in the US government seem to
acknowledge that we may not be on top always, and what goes around comes
around. There will be real future costs for our moral corruptness.

~~~
Retric
China has a several thousand year history of not getting it's shit together so
it might never happen.

~~~
rakoo
China is millenias old and has mostly kept their shit to themselves. That's an
example everyone else should follow

~~~
Retric
They have a long history of failing to concur other areas which is not the
same as keeping there shit to themselves.

------
higherpurpose
This will embolden countries like Germany and Brazil even more to force Google
and Microsoft to create local subsidiaries/different companies there and hold
their citizens data _only_ in those datacenters and with that specific
company.

And I don't blame them. As a response to this, and to avoid that, Google and
Microsoft should be adopting end-to-end encryption in their services as soon
as possible, because it's the only way they can now say with a straight face
that EU citizen data is "safe" with them.

Otherwise (hopefully) people will be using less and less American services
over the next few years. Europeans (and others) can't and shouldn't feel safe
with their data used by American companies now.

~~~
arethuza
They presumably already have wholly owned subsidiaries in each country where
they have any presence - the US government can then presumably say to the
parent company in the US "tell your subsidiary in <country> to give us their
data" and what can they do?

~~~
tomp
They would respond "We ordered the CEO of the local subsidiary to give us the
data, and he refused, because that would be illegal in the country the
subsidiary is based in. We then fired the CEO, now he's suing the subsidiary
and we had to close it down. We made $50M loss this year because of the
lawsuit. Thank you, honourable judge."

------
kijin
> _" A U.S. prosecutor cannot obtain a U.S. warrant to search someone's home
> located in another country, just as another country's prosecutor cannot
> obtain a court order in her home country to conduct a search in the United
> States," the company said._

Sure, the U.S. government cannot send agents to search Irish homes owned by
U.S. citizens, but it can damn well order the citizen in question to retrieve
and present a certain document that is known to be stored in the basement of
that home, and threaten to hold him in contempt if he fails to have it shipped
stateside within a few weeks. So according to Microsoft's own analogy, there's
nothing surprising about this decision.

What I'd really like to know is what happens if it is illegal in the country
where the server is located for Microsoft to disclose the server's contents to
the U.S. government.

I don't know much about EU privacy laws, but surely some countries take issue
with the personal information of their own citizens being shipped abroad?
Could U.S. corporations (and/or their EU subsidiaries, if any) argue that it
would be illegal for them to obey this U.S. judgment?

~~~
mariuolo
> Sure, the U.S. government cannot send agents to search Irish homes owned by
> U.S. citizens, but it can damn well order the citizen in question to
> retrieve and present a certain document that is known to be stored in the
> basement of that home, and threaten to hold him in contempt if he fails to
> have it shipped stateside within a few weeks.

Even when the document in question doesn't belong to said citizen?

Can a US court compel you to commit theft abroad?

~~~
jellicle
U.S. courts (and all courts everywhere) can compel you to produce any document
or item under your control, whether or not you actually "own" it.

Your cousin Bob gave you a sealed letter to hold for him and the court says
you have to hand it over? You must.

And calling it "theft" is an attempt to prejudice the discussion. Theft is
taking without due process of law. By definition, taking at the command of a
court is with due process of law.

~~~
mariuolo
> And calling it "theft" is an attempt to prejudice the discussion. Theft is
> taking without due process of law. By definition, taking at the command of a
> court is with due process of law.

By the same token I could come and repossess your car after obtaining a
judgement against you in a foreign court if it was in my parking lot, right?

------
brudgers
_the burden on the government would be substantial_

That was the idea embodied in the Bill of Rights.

------
john-n
What happens if/when another country (China? India?) introduces a similar law,
requiring a company that operates there to make data on u.s citizens available
even if its stored outside of the country. Will these companies stop operating
in these markets?

------
rurban
Looks like doing business with US companies is now in severe trouble as the US
does not care to obey foreign privacy laws. At least it's official now.

------
Havoc
EU based internet services are looking better and better each day - especially
the German ones.

~~~
mjn
My guess is that this worry is why Microsoft's opposing the order. The
university I work at in Denmark uses Office 365 specifically because Microsoft
was able to convince them that data will only be stored in the EU, and will
only be accessed in accordance with EU data-protection law. If Microsoft can't
credibly maintain that claim, European companies and universities may not be
able to use their cloud services.

------
jackgavigan
The EU has a track record of defying US extraterritoriality so I would be
surprised if the data gets handed over.

Also, this ruling was made by a magistrate judge, which is prett low down on
the judicial totem pole. This ruling _will_ be appealed, which means that
it'll be reviewed by a judge who doesn't, in fact, have his head up his ass.

------
whoismua
Devil's advocate: what if MS, Google et al had all the US persons' email and
files stored in Canada or Germany...on purpose? You type your email in
Washington DC and then it is stored in a server somewhere in Germany. No can
do says Microsoft.

~~~
tzs
Along similar lines, suppose you are GM, and you have known for over a decade
that faulty ignition switches on your cars have been killing people, yet you
have not applied the cheap fix for the problem, and that this is at least
grossly negligent and possibly criminal. Can you just ship all the
incriminating physical documents to a GM branch in another country so that US
prosecutors and US plaintiff attorneys and US regulators cannot get them?

It would be one hell of a loophole if a person or company in country X could
put documents (electronic or physical) that they fully control completely out
of the reach of prosecutors, plaintiffs, and regulators in country X simply by
storing those documents in country Y but still fully in their control and
easily in reach when it serves their interests to access them.

~~~
err4nt
Does that work with physical papers and reports? Moving them physically to a
different country?

~~~
wmf
From the article: "Longstanding U.S. law holds that the recipient of a
subpoena must provide the information sought, no matter where it is held, he
said."

