Home IT Info News Today Microsoft Sues US DOJ Over Secret Requests for Customer Data

Microsoft Sues US DOJ Over Secret Requests for Customer Data

303

Arguing that “customers have a right to know when the government obtains warrants to read their emails,” Microsoft today filed a lawsuit in the U.S. District Court, Western District of Washington against the U.S. Department of Justice and Attorney General Loretta Lynch. The aim of the lawsuit is to enable Microsoft to tell its customers when the government asks for their data.

The complaint centers on the Electronic Communications Privacy Act (ECPA) of 1986, a law regulating government surveillance of oral, wire and electronic communications. Privacy advocates have long advocated for an update to the legislation, and just yesterday the U.S. House Judiciary Committee unanimously advanced a bill on e-mail privacy for consideration by the full House.

Over the past year-and-a-half, Microsoft said it has received thousands of legal demands for customer data from the federal government, and is prevented in many cases from ever informing customers about such requests.

The lawsuit states that the ECPA “allows courts to order Microsoft to keep its customers in the dark when the government seeks their e-mail content or other private information, based solely on a ‘reason to believe’ that disclosure might hinder an investigation.” We reached out to the Justice Department for comment, but did not receive a response.

Urgency ‘Clear and Growing’

The urgency for action is clear and growing, Microsoft president and chief legal officer Brad Smith wrote today in a post on the company’s Issues blog. “Over the past 18 months, the U.S. government has required that we maintain secrecy regarding 2,576 legal demands, effectively silencing Microsoft from speaking to customers about warrants or other legal process seeking their data,” he said.

According to Smith, 1,752 of these secrecy orders, or 68 percent of the total, did not contain fixed end dates. “This means that we effectively are prohibited forever from telling our customers that the government has obtained their data,” he said.

Smith noted that today’s lawsuit is the fourth such case that Microsoft has brought against the federal government in connection with customer privacy and transparency. Two previous complaints were settled — in one case by allowing Microsoft to disclose the number of legel requests it receives and in another by the government’s withdrawal of a National Security Letter.

A third complaint is pending in the U.S. Court of Appeals for the Second Circuit. That third case involves Microsoft’s challenge of a U.S. search warrant for a customer e-mail in Ireland belonging to a non-U.S. citizen, Smith said.

‘Think They’ll Succeed’

“There’s no question this is a real issue here,” Chris Calabrese, vice president for policy at the Center for Democracy & Technology, told us today. He said his organization welcomes Microsoft’s action in court, although it’s too early to say whether it would show that support through a friend-of-the-court brief.

Calabrese cited a 2012 paper by U.S. Magistrate Judge Stephen Smith that criticized the federal government’s “secrecy parade” through the ECPA’s docket system. In that paper, “Gagged, Sealed & Delivered: Reforming ECPA’s Secret Docket,” Smith cited a Federal Judicial Center study showing the ECPA was responsible for “tens of thousands of secret cases every year.”

Microsoft’s challenge of that practice was also praised by Andrew Crocker, staff attorney for the Electronic Frontier Foundation. “In nearly all cases, indefinite gag orders are an unconstitutional prior restraint on free speech and infringe on First Amendment rights,” Crocker told us via e-mail through a spokesperson. “Microsoft’s complaint shows it receives a staggering number of these orders. We look forward to assisting in this important lawsuit.”

In a tweet today, Kevin Bankston, director of the Open Policy Institute at the New America Foundation, said, “This is a First Amendment fight that needed to get picked and I’m glad Microsoft picked it. Just as in the real world with physical seizures, secrecy in digital seizures should be the exception and not the rule. And based on previous similar cases around gag orders in national security cases, I think they’ll succeed in striking this overbroad law down.”

LEAVE A REPLY

Please enter your comment!
Please enter your name here