Sergey Nivens - Fotolia
A wide range of US organisations have come out in support of Microsoft in its fight against a US law that prevents companies from telling customers the government has requested their data.
Technology, media, pharmaceutical and corporate lobbying groups have filed legal briefs know as amicus briefs in support of a Microsoft lawsuit that aims to strike down the law, reports Reuters.
Microsoft filed the legal case in April 2016 as part of the company’s continued efforts to distance itself from the National Security Agency (NSA) after whistleblower Edward Snowden’s revelations about mass surveillance in 2013.
Microsoft is among several big US technology firms that have called for surveillance reforms because of concerns that public loss of trust in technology will hurt their businesses.
In addition to tech firms, such as Apple, Google, Amazon, Cisco Systems and Mozilla, amicus briefs have been filed by the US Chamber of Commerce, the National Association of Manufacturers, Delta, Eli Lilly, BP America, the Washington Post, Fox News, the National Newspaper association, the Electronic Frontier Foundation (EFF) and several other organisations.
Five former law enforcement officials who worked for the FBI or Justice Department in Washington state have also submitted a brief supporting Microsoft, according to Reuters.
The case is aimed at winning the right to tell customers that their data is being monitored on the grounds that the law that prevents it from doing so is unconstitutional.
Microsoft argued that section 2705(b) of the US Electronic Communications Privacy Act contravenes the citizens’ Fourth Amendment constitutional right to be informed if the government searches or seizes citizens’ property, as well as the company’s First Amendment right to talk to its customers about how government actions affect their data.
However, the US Justice Department (DoJ) argued that Microsoft has no standing to bring the case, and that the public has a “compelling interest in keeping criminal investigations confidential”.
The DoJ also claimed procedural safeguards are aimed at protecting constitutional rights.
Indefinite gag orders
Mozilla chief legal officer Denelle Dixon-Thayer said the gag orders are sometimes issued without the government demonstrating why the gag order is necessary.
“Worse yet, the government often issues indefinite orders that prevent companies from notifying users even years later, long after everyone would agree the gag order is no longer needed. These actions needlessly sacrifice transparency without justification. That’s foolish and unacceptable,” she wrote in a blog post.
According to Microsoft, the company received 2,600 federal court orders in the 18 months prior to filing its case that prohibited the company from informing customers their data has been accessed.
Likewise, Apple reportedly received about 590 indefinite duration gag orders in 2016 so far, while Yahoo received more than 700 federal search warrants for user data, with around 60% being accompanied by indefinite duration gag orders.
Cloud services companies such as Microsoft are concerned that the continued use of gag orders by the US authorities could affect their contractual commitments to customers and make them less attractive than non-US providers.
In July 2016, a federal appeal court ruled in favour of Microsoft in an appeal against a court ruling to comply with a December 2013 warrant to access emails the US government believed to be linked to narcotics trafficking that were stored in Microsoft’s servers in Dublin, Ireland.
The DoJ has not decided whether to appeal against the appeal court’s decision, a spokesman told Reuters.
Lessons to learn for UK surveillance bill
Responding to the appeal court ruling, Myles Jackman, legal director of the UK-based Open Rights Group, said it means US law enforcement agencies must respect European citizens’ digital privacy rights and the protection of their personal data.
“The US should not arbitrarily reach across borders just because it feels it can bully companies into doing so,” he said.
“We urge the UK government to take note as the Investigatory Powers Bill will also attempt to create powers compelling overseas companies to do the UK’s bidding.
“We need to establish a firm principle that companies abide by domestic law where they operate, rather than being answerable to every government across the globe that makes demands of them. The established route for requests for data by law enforcement agencies should be through treaties.”
BSA | The Software Alliance also welcomed the ruling, but called on governments to create a framework for lawful access to data.
The group said users of data services entrust their sensitive information to third-party providers and that confidence in cloud technology depends on protecting their expectation of privacy.
Read more about US technology trust concerns
- Yahoo joins technology firms in their demand to the right to disclose the number of user data requests received from US national security agencies.
- Microsoft takes its strongest stance to date against the US government’s far reaching snooping laws.
- Microsoft announces it is to take measures to increase the security of customer data to protect against government snooping.
- Top technology firms join forces to call for urgent reforms of all internet surveillance programmes.