Lawmakers bring bill to fight overseas govt data searches, boost privacy

Reuters / Thomas Peter
​Congress is once again attempting to tackle data rights with a bipartisan bill that would increase email privacy protections and limit government access to data content stored overseas, even when it comes calling with a search warrant.

Introduced Thursday by Sen. Orrin Hatch (R-Utah), the Law Enforcement Access to Data Stored Abroad bill would require American companies to turn over data stored on international servers only if a warrant targets a “US person.”

The legislation is a response to a federal court’s ruling that required Microsoft to turn over e-mails stored on its Irish server to assist a Department of Justice drug investigation. The law also requires the court to vacate a warrant if it violates another country’s laws.

“[We] must strengthen privacy in the digital age and promote trust in US technologies worldwide by safeguarding data stored abroad, while still enabling law enforcement to fulfill its important public safety mission,” Sen. Hatch told The Hill.

The bill was co-sponsored by Sens. Chris Coons (D-Del.) and Dean Heller (R-Nev.)

READ MORE:White House creates new cyber agency in effort to combat computer attacks

Microsoft was served with a search warrant by the Justice Department in December of 2013 seeking contents of e-mails and other details of an unnamed msn.com user, allegedly related to a drug investigation. The company stored non-content e-mail data in the US – and that the info sought was stored on a server in Ireland. Microsoft refused to comply with the warrant, arguing the US had no authority outside its territory.

In 2014, the Obama administration argued in court that global jurisdiction was necessary at a time when “electronic communications are used extensively by criminals of all types in the United States and abroad, from fraudsters to hackers to drug dealers, in furtherance of violations of US laws.

Microsoft’s lawyer, E. Joshua Rosenkranz, argued in court that if other countries required Microsoft to provide them with e-mails of customers located in the US, “we would consider that an astounding infringement of our sovereignty,” according to Bloomberg News.

READ MORE:Hacktivist Jeremy Hammond slams US for ‘blatant hypocrisy’ over cyber ops

However, Federal US District Judge Loretta Preska agreed with the Obama administration and ruled that it was a question of control over, not the location of, the information and Microsoft must turn it over. Tech companies, including Microsoft, argued the Obama administration’s position put the US tech sector in conflict with foreign data protection laws.

READ MORE:NSA develops cyber weapons, ‘attacker mindset’ for domination in digital war – Snowden leaks

The ruling is now on hold, pending review by a federal appeals court. But tech companies are worried that if the Preska ruling is upheld on appeal, foreign users could lose more confidence in US companies’ cloud and tech offerings.

Hatch’s legislation would not effect current laws in the US that require American companies – when presented with a warrant – to hand over data stored on US servers no matter the target’s nationality. This is the second time the legislation has been introduced.