Who Has Legal Control Over Your 'Big' Data?
The Biggest Lesson from Microsoft’s Recent Battle with the US Government
A court ruling involving Microsoft’s offshore data storage offers an instructive lesson on the long reach of the US government-and what you can do to mitigate this political risk.
A federal judge recently agreed with the US government that Microsoft must turn over its customer data that it holds offshore if requested in a search warrant. Microsoft had refused because the digital content being requested physically was located on servers in Ireland.
Microsoft said in a statement that “a US prosecutor cannot obtain a US warrant to search someone’s home located in another country, just as another country’s prosecutor cannot obtain a court order in her home country to conduct a search in the United States.”
The judge disagreed. She ruled that it’s a matter of where the control of that data is being exercised, not of where the data is physically located.
This ruling is not at all surprising. It’s long been crystal clear that the US will aggressively claim jurisdiction if the situation in question has even the slightest, vaguest, or most indirect connection. Worse yet, as we’ve seen with the extraterritorial FATCA law, the US is not afraid to impose its own laws on foreign countries.
One of the favorite pretexts for a US connection is the use of the US dollar. The US government claims that just using the US dollar-which nearly every bank in the world does-gives it jurisdiction, even if there were no other connections to the US. It’s quite obviously a flimsy pretext, but it works.
Recently the US government fined (i.e., extorted) over $8 billion from BNP Paribas for doing business with countries it doesn’t like. The transactions were totally legal under EU and French law, but illegal under US law. The US successfully claimed jurisdiction because the transactions were denominated in US dollars-there was no other US connection.