Blog Post

FBI moves to expand computer search powers, complicating Microsoft’s push to protect overseas cloud customers

Stay on Top of Enterprise Technology Trends

Get updates impacting your industry from our GigaOm Research Community
Join the Community!

Microsoft is the midst of a defiant stand against the federal government, insisting that a U.S. search warrant can’t force it to turn over emails located on a server in Ireland. The company has even taken the unusual step of opening itself to a contempt of court order, as part of a larger plan to reassure cloud computer customers in other countries that their data is safe from U.S. surveillance.

But now Microsoft’s high-profile legal campaign, which has received support from the likes of [company]Apple[/company] and [company]Cisco[/company], could get under cut from another quarter: the FBI is quietly lobbying Congress to rewrite the rules for search warrants in order to expand their reach. If the lawmakers agree, this would mean that “searches” authorized by American judges would no longer be restricted to a specific geographic location in the United States (which is how search warrants typically work.)

According to National Journal, the effort by the Justice Department focuses on an obscure corner of judicial procedure (emphasis mine):

Government officials are trying to expand their authority to hack into and locate computers by changing an arcane federal rule governing how judges can approve search warrants. […]

The provision, known as Rule 41 of the federal rules of criminal procedure, typically allows judges to issue search warrants only within their judicial district. But the government has asked to alter this restriction to allow judges to approve electronic surveillance to find and search a computer’s contents regardless of its physical location, even if the device is suspected of being abroad.

There is as yet no explicit connection between the rule-writing effort and the [company]Microsoft[/company] case, which is related to a narcotics investigation in Ireland, but a link between the two developments seems likely.

While the Justice Department won the first round in court against Microsoft in July, its legal position may be tenuous. The judge in the case has so far accepted the government’s technical argument that a search did not really take place in Ireland because the emails were read in the United States, but Microsoft insists that this interpretation amounts to “allowing federal agents to break down the doors of Microsoft’s Dublin facilities.”

Microsoft, supported by others in the tech industry and civil libertarians, also argues that American courts should not issue search warrants with global reach. The company has suggested that U.S. law enforcement should instead work through mutual assistance treaties with Ireland and other governments to conduct searches (a process the lower court judge has said would be “burdensome”).

The resolution of the search warrant issue is important to Microsoft and other U.S. cloud computing companies because customers in Europe, especially, have become skittish about using American services in the wake of the surveillance revelations by former NSA contractor Edward Snowden.

The case is now at a procedural stage before the Second Circuit of Appeals in New York, where Microsoft wants the court to rule on whether it should be found in contempt of court for defying the initial order. If Congress rewrites the law in the meantime, however, it could render the case moot before the appeals court judges can issue a ruling.

In response to a request for comment, Microsoft said by email that is is looking into the matter (I will update if I hear more).

3 Responses to “FBI moves to expand computer search powers, complicating Microsoft’s push to protect overseas cloud customers”

  1. Richard Raseley

    Even if Microsoft’s motives are not entirely altruistic (and we shouldn’t expect they would be) it is good to see people and companies finally standing up to government overreach.

    If it comes to it, I wonder if Microsoft could sufficiently separate itself from its overseas operations to allow them appropriate legal cover to say ‘we don’t have the keys, only Microsoft Ireland does – go ask them if you want the data.’?