And if MS in the EU complies with the US demands without due EU process, they will be in court in the EU.
Given that the EU is actually larger than their US market, it will hurt.
It's not a question of what MS (US) wants to do, or gets told to do. To comply, someone in the EU has to be complicit - either by doing it themselves, or knowingly allowing it (which is a failure of Data Protection obligations).
The US can order what they like. The guy in the EU who provides the facility or does it for MS (US) will be up before an EU court from the second he does it (or allows it).
Ignorance of the law is no excuse, and allowing the US arm of a company to access EU-stored personal data is illegal. It's considered export of that data. And if MS (EU) are asked to do something on the order of a US court, they are legally obliged to ignore it.
It's not as big, or as rare, an issue as some places like to make out. Such orders happen. And then they are ignored. SpamHaus was one particular example where they stupidly responded in the positive to a US court order (initially, at least), but still they got out of actually having to do anything about it as it was outside the US jurisdiction. US courts issue orders that are unenforcable all the time. The actual fact is that if they want them to be legal, there is a process - apply to the EU court to enforce the US court order. That happens too. And when that happens, the EU law is read and applies and it's then legal to do so.
It's not legal for anyone to have any part in letting EU data go out of the EU without suitable data protection. Even the air-travel data sharing scheme fell apart as soon as the EU was no longer co-operative because - by default - it's not legal.
That's not saying it couldn't happen. But Microsoft (US) can tell Microsoft (EU) whatever it likes. If Microsoft (EU) complies or allows it, it's potentially broken EU law. The consequences otherwise don't bear thinking about (e.g. Apple applying US consumer law to other countries, etc. and getting out of their two-year required warranty program...)
All the smart lawyers in the world can't make US law apply anywhere else without breaking the law in "anywhere else". That's part of the reason why Assange is still on UK soil, and why Apple are selling useless "extended" support warranties in the EU.
Biting the hand that feeds IT
