CLOUD Act ends Microsoft's US data privacy dispute

DoJ and Redmond giant ask Supreme Court to dismiss Irish data centre case

A long-running court battle between Microsoft and the US government over data sovereignty appears to be drawing to a close, with both sides calling for the dismissal of the case in light of a new law.

The case, which has been ongoing since 2013, centres around a number of emails stored in Microsoft's Dublin data centre related to a criminal investigation into alleged drug trafficking. Redmond has repeatedly refused to comply with a warrant to hand over the emails to US law enforcement agencies, arguing that as the information is stored outside of the country it doesn't fall under the jurisdiction of American authorities.

Advertisement - Article continues below

Prosecutors in the case have countered by saying that because the data is held by an American entity - i.e. Microsoft - it falls under American jurisdiction, basing their arguments on the US Stored Communications Act from 1986.

Over the course of the past five years, the case has been fought all the way up to the US Supreme Court and attracted interventions and amicus briefs from the likes of Apple, Cisco, AT&T and, most recently, the European Union.

It now seems, however, that this bitterly fought battle is coming to an end - for now, at least.

Advertisement - Article continues below

The US Department of Justice (DoJ) has requested the case be dismissed, according to Reuters, with Microsoft backing the call, despite the two presenting arguments to the Supreme Court justices as recently as 27 February.

The reason for the about turn is a new piece of legislation signed into effect by US president Donald Trump on 22 March, which both sides say effectively resolves the dispute. The CLOUD (Clarifying Lawful Overseas Use of Data) Act states that US law enforcement agencies have the right to issue and enforce warrants relating to data held by American companies abroad, although there is also recourse to object if the order is in conflict with foreign laws.

Advertisement - Article continues below

In the filing, Microsoft's lawyers said: "Microsoft agrees with the government that there is no longer a live case or controversy between the parties with respect to the question presented."

While it may be the end of this particular case, this isn't necessarily the end of the story completely. The DoJ has acquired a new warrant for the data governed by the new law, which means there's still opportunity for Microsoft to object and, indeed, for the whole cycle to start again.

Featured Resources

The case for a marketing content hub

Transform your digital marketing to deliver customer expectations

Download now

Fast, flexible and compliant e-signatures for global businesses

Be at the forefront of digital transformation with electronic signatures

Download now

Why CEOS should care about the move to SAP S/4HANA

And how they can accelerate business value

Download now

IT faces new security challenges in the wake of COVID-19

Beat the crisis by learning how to secure your network

Download now


General Data Protection Regulation (GDPR)

ICO to relax GDPR enforcement during coronavirus economic downturn

16 Apr 2020

The NHS teams up with Apple and Google on coronavirus tracking app

14 Apr 2020
data protection

Health sites are 'unlawfully' sharing medical data with Facebook and Google

7 Apr 2020
data protection

Supreme Court rules Morrisons was not liable for 2014 data breach

1 Apr 2020

Most Popular

Microsoft Windows

Microsoft warns users not to install Windows 10's May update

28 May 2020
data breaches

EasyJet faces class-action lawsuit over data breach

26 May 2020
cyber security

Microsoft bans Trend Micro driver from Windows 10 for "cheating" hardware tests

27 May 2020