On July 31, the district court judge issued a ruling in the case involving the US Government’s warrant issued to Microsoft to compel production of data stored on the servers of its wholly owned Irish subsidiary located in Ireland (In re Warrant to Search a Certain E-Mail Account Controlled and Maintained by Microsoft Corp. (S.D.N.Y.)). The judge upheld the magistrate’s decision that Microsoft must produce the emails stored in servers located in Ireland stored by its Irish subsidiary. The decision is stayed as Microsoft appeals.
This case could have profound implications for US companies storing or hosting data overseas because foreign competitors will be able to argue that data stored outside the US is not safe from not only US intelligence but also US law enforcement. It likewise could lead to chaotic choice of law disputes as other countries begin to demand reciprocal treatment in the US for law enforcement process. This follows on increasing requirements in other countries for data localization following the Edward Snowden revelations.
The judge agreed with the magistrate that the issue is not the location of the data but instead control over the data. As such, Microsoft is required to produce the data regardless of where it is stored. This follows the Bank of Nova Scotia line of cases.
Ultimately, this case could end up before the Supreme Court or it could lay the ground work for Congress to step in and clarify the legal standards for law enforcement access to electronic information.