Data, Extraterritoriality and International Solutions to Transatlantic Problems of Access to Digital Evidence. Legal Opinion on the Microsoft Ireland Case (Supreme Court of the United States)
The White Book: Lawful Access to Data: The US v. Microsoft Case, Sovereignty in the Cyber-Space and European Data Protection, CEIS & The Chertoff Group White Paper (December 2017)
33 Pages Posted: 21 Dec 2017
Date Written: November 29, 2017
This study is the Legal Opinion prepared, at the request of CEIS and Microsoft, in the so-called "Microsoft Ireland Warrant Case" (USA v. Microsoft Corporation, US Supreme Court). This legal study was integrated into a "White Paper" on this case, initiated by Microsoft and published on December 3, 2017, by CEIS, the Chertoff Group and the author of this study.
The Microsoft Ireland case raises fundamental questions about the legal status of data and the cloud, the sovereignty of States in cyberspace, human rights and the General Data Protection Regulation (GDPR), the access of authorities to evidence stored in the cloud and the potential for conflict of laws. These issues should be of interest to public authorities in different nations as well as to businesses, individuals and civil society.
Part I of this study presents in the most accessible way the parameters of this highly interesting - but particularly complex case. Part II examines the specific issues raised in the US Supreme Court. It demonstrates the very fragile nature of the US government's arguments against the July 14, 2016, decision of the US Second Circuit, which found that the US government could not compel Microsoft to transmit to the US authorities e-mails from its clients stored on servers located outside the United States. Part III questions the negative consequences that a decision of the Supreme Court in favor of the American government might have. Part IV, finally, shows that international law offers States different possibilities to find mutually acceptable solutions, respectful of their sovereignty and compatible with the protection of human rights, to the important problem of criminal law enforcement access to digital evidence. States thus have the choice between a risky unilateralism, advocated by the American government before the Supreme Court, and the multilateral way, which has shown its effectiveness time and again in the history of international law.
Keywords: Data, Cloud, Data Protection, GDPR, Privacy Shield, Cybersecurity, Cyber-criminality, International Law, Sovereignty, Extraterritoriality, Jurisdiction, Law Enforcement, MLAT, Microsoft, GAFA, United States Supreme Court, Budapest Convention, Evidence
Suggested Citation: Suggested Citation