The United State’s Court of Appeals for the Second Circuit has refused to re-hear the case between Microsoft and Department of Justice, effectively resulting in it being impossible for a United States court to issue a warrant to seize or get access to emails stored outside of the United States. This is a significant step forward in privacy and is critical to trading blocks like the European Union who have previously found that the United States has insufficient protection of personal information. It is also fundamentally important for Microsoft who rely on being able to guarantee the privacy of their customers’ information, especially if that information is not located (or even linked to) the United States.
Unsurprisingly the US Department of Justice is very unhappy with this approach as this interpretation of the United States’ Stored Communications Act – the Act that governs the seizure of emails – effectively makes it much more difficult to investigate and prosecute criminal activity.
What is also interesting is that this case dealt with emails that were stored in Ireland – part of the EU – and this is also the country that most often stores the emails of Microsoft customers from South Africa.
That said, this decision does not mean that you should become complacent about the US’ potential to invade the privacy of communications in other countries. There were several dissenting opinions by judges who believed that the execution of the warrant in the United States against Microsoft who had the technical control to access emails in Dublin, Ireland was not executing a warrant on foreign soil. In addition even the majority opinion supported a review of the Stored Communications Act which could potentially re-open the US investigator’s access to email communication in other countries. For this reason it will remain important to keep abreast of these developments as it must influence who you choose as a service provider for your company’s email communications.