AG Strategy Group
Tuesday, August 9, 2016
In its final months in office, the Obama administration finalized Privacy Shield with the EU. Now it needs to implement it and work with U.S.-based tech companies to remove any uncertainty about exchanging data across the Atlantic. Then, Congress must take action to improve the process for law enforcement agencies to request email data from U.S.-based tech firms when conducting a criminal investigation. All three branches of government have a responsibility to help digital privacy rights catch up with physical ones. If our government achieves parity between privacy rights across those two spheres, then Americans will be safer and can enjoy the protections of their individual privacy.
Berkeley Law School
Friday, July 29, 2016
After the recent Microsoft v. United States decision, the law faces the task of clarifying questions about the international reach of a variety of a legal authorities and processes. In so doing, it should maintain a level playing field for U.S. cloud companies who store their data extra-territorially. There is no policy reason to set a heavier compliance burden on U.S. companies in meeting these requests, the author writes.
The Chertoff Group
Monday, July 25, 2016
Sadly, however, today threats to the free flow of information across the globe come, not only from authoritarian countries but, also, from misguided actions of Western nations that ought to know better. The latest example of this unfortunate trend is the U.S. government's effort to force Microsoft to provide it with data that Microsoft stored in a data center in Ireland. In December 2013, Microsoft received a warrant from a magistrate in the Southern District of New York directing the company to turn over content and non-content information relating to a user associated with the company's Dublin, Ireland data center. Microsoft produced the non-content material associated with the user stored on its U.S. servers, but objected to the order for content data stored in Ireland. The government's view was that the U.S. government can compel the company, a U.S. based cloud provider, to disclose a user's content data stored outside the United States. Happily, that argument has not carried the day. The United States Court of Appeals for the Second Circuit recently issued a decision rejecting the government's request and allowing Microsoft to refuse to produce the data.
Law Office of Bradley S. Shear
Friday, July 22, 2016
The unanimous 3-0 ruling is a victory for not only personal privacy rights but also for the theory that people’s rights in the physical world should be extended to the digital world. This decision will have a tremendous impact on international technology service providers, social media platforms, apps, law enforcement, and individual users of mobile and cloud-based services.
Tuesday, July 19, 2016
To the surprise of many, Microsoft has just won a historic court case defeating efforts by the U.S. government to seize private data held by the firm’s customers overseas. According to a U.S. Appeals Court ruling, Federal prosecutors cannot use search warrants to grab the content of email messages from data centers located outside the United States, even when these facilities are owned and operated by a U.S. cloud provider such as Microsoft.
Many Americans may not understand why this decision is relevant to their daily lives: The federal government asserted tech companies own individuals’ personal information such as emails and photographs, and not the individuals themselves. This would give your personal information less privacy protection than the family notes you place in your dresser drawer at home. Multiple branches of government have important responsibilities in remedying this problem. The Court of Appeals has acted. Now, it’s time for Congress to modernize an outdated law.
Mitrano & Associates
Sunday, July 17, 2016
Mark the Second Circuit decision in the Microsoft case as a turning point. The win for Microsoft is a victory for U.S. innovation, manufacturing and Internet companies, privacy advocates, and legal due process. The Court held that the Electronic Communications Privacy Act (“ECPA,” and specifically in this case, Title II, Stored Communications) does not extend beyond the United States and its territories. Its reasoning does yet more.
Friday, July 15, 2016
Yesterday, Microsoft won a huge case against government surveillance, a case with very important implications: In the Matter of a Warrant to Search a Certain E‐Mail Account Controlled and Maintained by Microsoft Corporation. Why does it matter how the government seeks to obtain data stored abroad? It matters because the US government was seeking to use to obtain data stored in Ireland in a way that would violate Irish law. Had the government used the MLAT process, the government would have had to seek the information by going to a judge in Ireland. Although the MLAT process is clunkier and more difficult than just using ECPA, following the MLAT process is important to avoid at least three very troubling consequences.
Cunningham Levy LLP
Wednesday, June 22, 2016
Everyone agrees that the current international order for sharing evidence in criminal prosecutions is broken. This is at the heart of the litigation Microsoft is pursuing against the Department of Justice (DOJ) over data stored in Ireland, after a New York judge ordered Microsoft to retrieve and give the government the contents of communications of a customer. Microsoft, and the many companies and organizations supporting its position, asked the court to prohibit the DOJ from getting communications content from overseas via a U.S. warrant. The government’s alternative would be to use the antiquated and slow mutual legal assistance treaty (MLAT) process. While this case awaits a decision by the U.S. 2nd Circuit Court of Appeals in New York, all sides agree that, whatever the outcome of the decision, it will not begin to solve the larger — and critical — international data-sharing issues.
Monday, June 6, 2016
There is a significant degree of confusion and lack of awareness about attorney confidentiality and cybersecurity obligations. This issue is especially acute when it comes to using the cloud to store privileged documents. A common myth is that storing privileged documents in the cloud is a breach of attorney-client confidentiality. In other instances, many attorneys and firms are not paying sufficient attention to their obligation to protect the confidentiality and security of the client data they maintain.