WASHINGTON—Technology companies will square off with law enforcement on Tuesday as the Supreme Court hears arguments on whether emails and other customer data stored overseas are subject to U.S. search warrants.
The case is one of several legal battles on law-enforcement access to private online data, and it requires the justices to interpret a law that Congress wrote before email and cloud computing were part of everyday life.
A federal appeals court, in a 2016 case involving
, handed a blow to prosecutors by ruling that such warrants can’t be enforced on U.S. providers if the data is stored exclusively on foreign servers. That is the decision the Supreme Court is reviewing.
The case highlights broader tensions between tech titans, which view protecting user privacy as a priority, and authorities who believe privacy concerns should take a back seat to public safety in certain circumstances.
Battle lines have been firmly drawn, with opposing camps warning of serious harm if the court rules against their position.
The Justice Department and state attorneys general say the lower court ruling has hampered investigations into an array of crimes, from narcotics trafficking to arson to child pornography. Emails and electronic evidence are now critical to virtually every criminal investigation, they say.
Microsoft, Google and other technology companies say the Justice Department’s position would leave them stuck between U.S. law enforcement and their obligation to abide by privacy laws in foreign jurisdictions. The companies also say the case could threaten American dominance in the $250 billion cloud-computing industry, because foreign clients won’t use U.S. firms if their data isn’t protected.
Foreign governments also have weighed in, urging the Supreme Court not to interpret U.S. law in a way that intrudes on their sovereignty.
“This may be a case in which the Supreme Court has no truly satisfying outcome available to it, in part because it is being asked to interpret a 1986 law that is not a good fit for the kind of large-scale, cross-border data-storage practices of today,” said
a lawyer with Morrison & Foerster LLP who closely follows privacy and data-security issues.
The law at issue is the Stored Communications Act, passed by Congress more than 30 years ago to provide privacy protections for electronic records.
The Justice Department applied for a warrant requiring Microsoft to turn over email information from an account allegedly tied to illegal drug activity in the U.S. A magistrate judge issued the warrant after finding the government had established probable cause that the account was connected to narcotics trafficking.
Microsoft handed over some account data that was stored in the U.S. but said it shouldn’t have to hand over the emails, which were stored on a server in Ireland. The company said the government has never suggested that the account holder is a citizen or resident of the U.S.
The Second U.S. Circuit Court of Appeals sided with Microsoft, ruling the 1986 law didn’t apply beyond U.S. territory.
Microsoft said in its Supreme Court brief that the materials targeted for government seizure are covered by Irish and European Union law. That means the U.S. is seeking to assert the 1986 law beyond domestic borders, which isn’t allowed, the company argued.
Microsoft conceded that U.S. law is outdated but said that was an issue for lawmakers, not judges, to address.
“Only Congress has the authority and tools to rewrite the statute to strike a new, 21st-Century balance between law-enforcement interests, our relations with foreign nations, the privacy of our citizens, and the competitiveness of our technology industry,” the company said in its brief.
A bipartisan group of lawmakers has introduced legislation to tackle cross-border data issues, but it isn’t clear if the bill will advance in Congress.
The Justice Department said it isn’t seeking to apply the current U.S. law extraterritorially. It noted the government sought disclosure in the U.S., where officials at Microsoft’s headquarters in Redmond, Wash., have ready access to files stored abroad.
“Microsoft’s employees could prepare that disclosure without leaving their desks in the United States,” Solicitor General
wrote in a court brief.
The department argued that Microsoft’s position could keep investigators from accessing emails and other files even if the subject of the investigation is based in the U.S., if a company chooses to store the consumer’s files overseas.
There is a diplomatic process, governed by legal assistance treaties, that allows the U.S. to request that foreign law-enforcement counterparts share sought-after data, but it can be slow and ineffective, the department said.
While the case before the court involves Microsoft, the government also took aim at Google, whose network-management practices often involve dividing data from a single customer file into chunks that are moved within an international network of data centers.
If Microsoft’s arguments prevail, then Google’s practices would make its data inaccessible to law enforcement, the Justice Department said.
Google has been involved in several warrant battles with federal and state authorities, agreeing to be held in contempt in some cases for failing to turn over data. The company, like Microsoft, is pushing for a legislative solution.
Since the Second Circuit ruling, legal battles between prosecutors and tech companies have continued in other jurisdictions, and several courts have ruled in the government’s favor, including in California, Florida, Pennsylvania and Wisconsin.
A Supreme Court decision is expected by the end of June.