Today we’ll make our arguments before the U.S. Supreme Court in what everyone agrees is an important case for privacy rights around the world, for international relations, and for building trust in the technology we all rely on every day.
We believe we have compelling arguments and we look forward to the opportunity to make them before the nine Justices of the Supreme Court. But while attention today will focus on the Supreme Court, we believe the most important work should take place in the Capitol building across the street, by the U.S. Congress.
In 2013 U.S. law enforcement served on Microsoft a search warrant for customer data stored in our datacenter in Ireland. While we don’t believe that U.S. law grants the Government the right to reach across borders to obtain private information, we do believe that the U.S. should work with the Irish government to obtain the data they want. Unilateral actions like this will undermine privacy protections of customers everywhere, and are a recipe for international tensions, conflict and chaos.
Everyone agrees that new technology poses new problems that need to be solved. We’ve argued since the day we filed this case in 2013 that we need modern laws to govern today’s technology. We can’t rely on laws written three decades ago, before the internet as we know it was invented. Ultimately the courts – including the Supreme Court – can decide only whether the Department of Justice’s approach passes muster under current law. The courts are not able to write a new law. Under the U.S. Constitution, only Congress can do that, using its tools to craft a nuanced solution that balances all the competing concerns by enacting a statute for the 21st century.
Strong momentum for new laws
The good news is that there is strong momentum for a legislative solution. Earlier this month the CLOUD Act was introduced in Congress. It has bi-partisan support in both houses of Congress, as well as support from the Department of Justice, the White House, the National Association of Attorneys General and a broad cross section of technology companies. The CLOUD Act creates both the incentive and the framework for governments to sit down and negotiate modern bi-lateral agreements that will define how law enforcement agencies can access data across borders to investigate crimes. It ensures these agreements have appropriate protections for privacy and human rights and gives the technology companies that host customer data new statutory rights to stand up for the privacy rights of their customers around the world.
Standing up for national sovereignty
While we are encouraged by the momentum for legislative solutions, we also look forward to today’s oral argument before the Supreme Court. We believe we have compelling arguments and we’re grateful for the breadth and depth of the support we’ve received in the case. In January, 289 different groups and individuals from 37 countries signed 23 different legal briefs supporting Microsoft’s position that Congress never gave U.S. law enforcement the power to ignore treaties and breach Ireland’s sovereignty by reaching into Ireland to obtain the data they are seeking. The U.S. Government argues that it can reach across borders based on a law enacted in 1986, before anyone conceived of cloud computing. We don’t believe there is any indication that Congress intended such a result.
This is not to say that law enforcement should never access emails in other countries. We’ve said repeatedly that there are times when this is necessary to protect public safety, but that it should be governed by modern laws that respect people’s privacy rights and the sovereignty of other countries.
As we stand before the Justices today we’ll make four key points:
Today is an important day. We are looking forward to the opportunity to make our case. And at the same time, we hope that members of Congress will keep moving quickly to create the modern laws that everyone agrees are needed.