Dorsey & Whitney, LLP

Computer Fraud / Data Protection

  • Home
  • Bio
  • Experience
  • Topics
  • Archives
  • Contact
Nick Akerman

Second Circuit Eases Tension Between U.S. Discovery Requirements and EU Privacy Laws

By Nick Akerman on August 29, 2016

By:  Chris Koa and James Mason

Microsoft scored an important victory when the Second Circuit ruled that the government is not authorized to issue warrants for customer data stored overseas.  In re Warrant to Search a Certain E-mail Account Controlled & Maintained by Microsoft Corp. should offer a level of comfort for the cloud computing industry as a whole and for U.S. companies that have an international storage footprint.

Key Takeaways

• This case limits the government’s right to access information stored internationally.

• If a company is issued a warrant, the key question is not where the warrant is executed, but where the data is stored.  The government cannot compel companies to produce data if the data sought is stored completely on foreign soil.

• This ruling should also reduce the apprehension some EU residents have regarding U.S. companies’ ability to protect their data.

• This case eliminates a situation where companies would have to choose between complying with EU law or cooperating with the U.S. government.  Prior to this decision, it would be very difficult for a company receiving a warrant for data stored in the EU to comply with U.S. and EU law.

It is unclear what the ultimate outcome will be.  The Second Circuit did not address how this ruling would apply to an SCA subpoena served with the requisite notices.  In his concurrence, Judge Gerard Lynch noted that U.S. online privacy laws implemented in 1986 are woefully inadequate to address the issues of today and urged Congress to take action on modernizing U.S. data protection statutes.

The government will likely seek an en banc hearing or appeal to the Supreme Court.  Companies should continue to monitor developments in this area going forward.

Share this:

  • Tweet
  • Email
  • Print

Related

This entry was posted in Data Protection, General and tagged In re Warrant to Search a Certain E-mail Account Controlled & Maintained by Microsoft Corp.. Bookmark the permalink.

Previous Story

»Mobile Apps Face New Controls in China
Ransomeware: To Pay or Not to Pay →

Search

Jump to Category

  • CLE Credit
  • Company Policies for New Technologies
  • Computer Crime
  • Computer Fraud and Abuse Act
  • Criminal
  • Data Breaches
  • Data Protection
  • Disloyal Employees
  • Ethics
  • General
  • Podcasts
  • Press
  • SEC Data Breaches Response
  • Seminars
  • Social Media
  • Software
  • Unknown Hackers

Search Site

Subscribe to Blog via Email

© Computer Fraud / Data Protection 2018

FREE GUIDE

Cybersecurity Readiness Check List


Sending ...
Top
loading Cancel
Post was not sent - check your email addresses!
Email check failed, please try again
Sorry, your blog cannot share posts by email.