Microsoft has filed suit against the DOJ, stating that the federal government is routinely violating the Fourth Amendment rights of its customers by preventing the company from notifying users of government requests for their data.
It’s a case that could have wide-ranging implication for how much consumers can trust increasingly popular cloud providers, including Microsoft, with their most sensitive data, at a time when the industry is pushing to have more and more of that data stored remotely.
At issue is whether users give up some of their expectations of privacy when they ask a third party to hold onto their data, and what due process is given to those users.
“People do not give up their rights when they move their private information from physical storage to the cloud,” Microsoft stated in the blistering filing.
As individuals and business have moved their most sensitive information to the cloud, the government has increasingly adopted the tactic of obtaining the private digital documents of cloud customers not from the customers themselves, but through legal process directed at online cloud providers like Microsoft. At the same time, the government seeks secrecy orders under 18 U.S.C. § 2705(b) to prevent Microsoft from telling its customers (or anyone else) of the government’s demands.
Microsoft maintains that while cloud storage is a natural evolution of how people store and access their private data, the courts and legislation have not kept up.
The impact is getting hard for Microsoft to ignore, even as the company is prevented from releasing specifics even to impacted customers. In the filing, Microsoft said that over the last 18 months it has received 2,600 secrecy orders that prohibit it from disclosing orders for information — and that in two-thirds of those cases, the orders have no end date to the secrecy.
In addition to denying customers their Fourth Amendment rights, the company argues, it infringes on the company’s First Amendment rights to discuss the cases.
The Department of Justice stated that it is reviewing the case.
The confrontation comes at a time of high tension between tech companies and the federal government: Apple is fighting efforts to, through the courts or legislation, put backdoors in device encryption, a fight that Microsoft ultimately endorsed.
But while Apple was defending a precedent on the side of encryption that had been won in the 90s, Microsoft is picking what could be a more challenging case: Reversing a precedent that has been running for decades, and establishing a stronger Fourth Amendment than the courts have so far recognized.
Without such protections, Microsoft and other cloud providers might have to get increasingly creative about how they protect customer data, as the company did recently by opening a German Azure instance that it legally does not control.
Original article appeared at http://windowsitpro.com/cloud/microsoft-doj-cloud-isnt-automatic-fourth-amendment-exemption