Yesterday afternoon the Irish government filed an amicus brief in the Microsoft data case. We’ve mentioned this case previously, as it has very broad ramifications for cross-jurisdictional issues surrounding data privacy and sovereignty and much more.
To recap. A US court wants Microsoft to hand over customer data which is stored on servers in Ireland that are controlled by Microsoft Ireland. The company has been fighting the order, as the implications of it are, to put it mildly, unpleasant and far-reaching. There are, of course, other legal methods by which a US court or law enforcement could gain access to the data, such as MLAT. The key difference being that, in theory at least, MLAT would force the overseas order to be compliant with local law, while the current attempted access is under US law only ie. the US court are applying pressure to the US parent of Microsoft Ireland.
It’s a positive move that the Irish government has finally stepped up, though personally I wish they’d take a more active role in internet governance matters. They are, unfortunately, absent from most fora where these issues are being actively debated and discussed by government, private sector and civil society. If I was being optimistic maybe this hails a sea change in the Irish policy..
Here’s the release from Microsoft on the matter:
The Irish Government today confirmed that it has filed an amicus brief in Microsoft’s legal case challenging a US search warrant that seeks customer email stored in Microsoft’s European Data Centre in Dublin.
Commenting on the Government’s brief Cathriona Hallahan, MD, Microsoft Ireland said: “This case has important implications for Ireland and Europe. Minister Dara Murphy has shown significant leadership on this issue from the outset. There are a number of critical data protection issues in play at the moment so having a dedicated Minister and a newly established department focused on these matters is very important. We welcome the Government’s decision to engage formally in the process by filing an amicus brief. We believe that this step will send a strong signal to the US Court about the importance placed on the matters in dispute.”
Microsoft Executive Vice President and General Counsel Brad Smith said: “The Irish Government’s engagement underscores that an international dialogue on this issue is not only necessary but possible. We’ve long argued that it’s best for law enforcement to move forward in a way that respects people’s rights under their local laws.”
Microsoft’s case argues the US government cannot reach across international borders and retrieve a person’s email without respecting local privacy laws. The amicus brief process is one which facilitates an interested party to file its views in a legal case which can then be taken into consideration by the courts.
A survey carried out amongst people in Ireland in October highlighted the strength of support amongst the Irish public for the principles Microsoft is advancing in this case with 89% saying that a foreign government should not be able to demand personal information stored in Ireland without liaising with the Irish government.