So, the result is in. At least until the next time perhaps. The legal challenges to Microsoft to allow a US judge gain access to a single email which is stored in a European data centre (Dublin) has come to a close (for now!!).
And the verdict. A US court has ruled that the US government cannot force Microsoft to give authorities access to the firm’s servers located in other countries.
So on one hand privacy (to a point, and as much as can be) seems protected, while others cite the fact that criminals can avail of such privacy to provide a ‘safe haven’ for certain activities.
-Judge Susan Carney ruled against the DoJ on the basis that the Stored Communications Act of 1986 limited the reach of warrants applicable outside the US. She noted that such restrictions were vital to maintaining good relations with other nations.
-Another judge involved in the ruling, Gerard Lynch, said the 1986 law was in urgent need of an update.
“I concur in the result,” he wrote. “But without any illusion that the result should even be regarded as a rational policy outcome, let alone celebrated as a milestone in protecting privacy.”
While there is a firm judgement in place for now, the question remains what next, and when will countries look to update either their laws or collaborate on an international level?
In the meantime it looks like major and significant public cloud providers will continue to spring up datacentres in-country for key locations / customer bases to encourage adoption of their services without data and privacy issues such as this one.
Some references below.
This has been a very interesting case and one I personally discuss when teaching the Professional Cloud Service Manager course. We look at this from the perspectives of creating a cloud strategy and design considerations regarding privacy when using clouds. It is a very powerful case study for a number of reasons.