Microsoft Sues Justice Department, AG Over Cloud Privacy
Microsoft has filed a lawsuit against the Justice Department and Attorney General Loretta Lynch, stating that the same rules that apply to search and seizure in an office should apply to its cloud.
8 Ways Cloud Storage Delivers Business Value
8 Ways Cloud Storage Delivers Business Value (Click image for larger view and slideshow.)
In an unusual legal move that could have far-reaching implications for businesses that use cloud computing services, Microsoft has filed a federal lawsuit charging that the US government is secretly trying to obtain information on its customers and that the company cannot speak publicly about these searches.
"Microsoft brings this case because its customers have a right to know when the government obtains a warrant to read their emails, and because Microsoft has a right to tell them, according to the suit.
Microsoft's filed its lawsuit against the US Justice Department and US Attorney General Loretta Lynch on April 14 in a Seattle District Court. It's possibly the country's next major debate on the need for the nation's laws to keep pace with its technology.
A spokesperson for the Justice Department told The New York Times that the Department is "reviewing the filing."
The Larger Issues
While Apple's feud with the FBI centered on devices and encryption, and on a single law enforcement case, Microsoft's suit is a proactive move, not attached to any individual request for information by the government, that puts the spotlight on cloud computing.
But like Apple's case, the company makes the argument that the government is taking advantage of laws that innovation has made outdated, or at least a poor fit for the way Americans live today.
The document explains:
Before the digital age, individuals and businesses stored their most sensitive correspondence and other documents in file cabinets and desk drawers. As computers became prevalent, users moved their materials to local computers and on-premises servers. […]
The government […] has exploited the transition to cloud computing as a means of expanding its power to conduct secret investigations. As individuals and business have moved their most sensitive information to the cloud, the government has increasingly adopted the tactic of obtaining the private digital documents of cloud customers not from the customers themselves, but through legal process directed at online cloud providers like Microsoft.
The company's lawsuit goes on to note that not only does the government go through Microsoft, rather than request materials directly from the individuals, but also that it does so through a "centuries-old requirement" that prohibits Microsoft from telling customers, after either an "unreasonably long" time, or indefinitely.
The lawsuit claims that over the past 18 months federal courts have issued nearly 2,600 secrecy orders that prevent Microsoft from discussing them, and that more than two-thirds of these have no fixed end date.
Learn to integrate the cloud into legacy systems and new initiatives. Attend the Cloud Connect Track at Interop Las Vegas, May 2-6. Register now!
These "twin developments" -- the increased number of demands and the increase in secrecy --"have combined to undermine confidence in the privacy of the cloud and have impaired Microsoft’s right to be transparent with its customers," according to the legal papers, "a right guaranteed by the First Amendment."
Further, the Fourth Amendment of the Constitution is being violated, said Microsoft, by searches and seizures that the company says can hardly be considered "reasonable."
Were the government to enter a home or office and seize letters from a desk drawer or file, "that person in almost all circumstances has the right to notice of the government's intrusion," states Microsoft.
Why the Cloud Matters
By using a snippet of the Electronic Communications Privacy Act (ECPA) of 1986 to justify the search and seize of content from the cloud without notice to the customer, the law "subjects Microsoft's cloud customers to a different standard merely because of how they store their communications and data," it continues.
On the same day that Microsoft filed its suit, the House Judiciary Committee approved an update to the ECPA, which currently does not require a warrant to search content -- email, text messages, etc. -- that is more than 180 days old.
While the Apple case has many detractors, it positioned Apple as a champion of privacy and consumer rights. Microsoft, whose revenue is heavily dependent on customers' use of, and trust in, cloud computing, seems to be trying to do the same.
"In 2013 we committed publicly to challenging individual secrecy orders for legitimate business customers," Brad Smith, Microsoft president and chief legal officer wrote in an April 14 blog post.
"In some cases we've convinced the government to redirect its request to our business customers. In other cases we've litigated the issue, and, in one recent situation, the government argued that we should be held in contempt for refusing to turn over email until a court ruled on the secrecy issue," Smith continued. "… [W]e've concluded that this issue is recurring and needs to be considered in the context of the broader constitutional rights that are at stake."
Jan Dawson, chief analyst with Jackdaw research, said it would be "surprising," were the timing of the suit a coincidence.
"This is clearly something that Microsoft has cared about for some time, so it's possible that they've been saving the lawsuit for when it can have the maximum impact in PR terms," Dawson told InformationWeek. "It certainly fits well with the broader current movement by tech companies to protect their users better against law enforcement overreach, given all that's been happening with Apple and its supporters around iPhone unlocking and encryption."
About the Author
You May Also Like