back to article Microsoft's Euro cloud darkens: US FEDS can dig into foreign servers

Microsoft has lost the first round in its fight to stop the US authorities from seizing customer data stored inside its overseas data centers. Following a two-hour hearing before the US District Court for the Southern District of New York on Thursday, District Judge Loretta Preska ruled that a US warrant ordering Microsoft to …

Silver badge

Re: Doom for US tech companies

Estimate:

~90% won't care enough to do anything

~9% will care and actually do something, but won't carry it through

~1% actually will do something effective

~0.01% actually will benefit in a measurable way

US Tech companies won't suffer a lot.

Sadly this true!

2
0
Thumb Up

Re: Doom for US tech companies

@AC

"The many billions ... continue to thrive :-)"

Predictable, but good nevertheless.#

0
0

Re: Doom for US tech companies

@Trevor Pott

"Oh hey cowardly scumtoad! How ya been? .. "

If you are referring to AC "The many billions ... continue to thrive :-) "

Then I do not think that that was the shill -- just a comedian. I cannot remember the shill/troll using a smiley.

1
3
Anonymous Coward

Re: Doom for US tech companies

Proper debate is good. First lets work out if we want to start talking about civil law or criminal law as the law works differently in each case. Civil law is bad enough (Think about the Spamhaus being sued by spammer fellow and because Spamhaus made a small error whilst trying to state that the court in question had no jurisdiction they had a default judgement made against them (I paraphrase massively). However in the civil courts it is not possible to make the kind of "give us all the data and don't tell anybody" demands which are being talked about in this article.

Here we seem to be talking about criminal law as it involves the Feds looking for information on a criminal matter. Now assuming we are talking about criminal then are we talking about common or garden crime or are we talking about the kind of stuff that intelligence services will get involved in?

If it's common or garden crime then I totally agree that one countries law enforcement can speak to another countries law enforcement and get the information they want through co-operation. Unless I am mistaken that has been going on for a long long time. Don't get me wrong I don't think that it's as fair as it should be at the moment with some very lopsided sided extradition agreements (Mckinnon and many others) in place. However the point it that this isn't new.

If we are talking about super secrit spies and stuff then we are in the territory of "memorandum of understanding" which have been in place for a long long time and where one government's spies can ask another government's spies to share information. The bit about the government being able to secretly grab your data is specifically only about metadata NOT about content. In order to be able to get the content the US law is very clear about judicial oversight and due process. IF the US government really think that there is something on your servers which falls into the category of "terrorism" then they are going to get by having the UK police knock on your door with a warrant.

What's my point? Perhaps the US is trying to throw its weight around by making it easier to grab the information it needs but actually whilst these may (may) be new powers the tools to get this information has been around for a long time.

If you don't want to be subject to US jurisdiction then the number one thing to do would be not to do business with the US or with any US company.

Also this is all about risk and risk management. To my mind your data is no safer on your own servers than it is in the cloud unless you want to encrypt it and refuse to hand over the keys (and are therefore prepared to go to jail for not handing over the key)

The whole "Those with nothing to hide have nothing to fear" is a pretty stupid soundbite used by both sides to show that the other side are bad...

1
0
Trollface

Re: Doom for US tech companies

I've never seen such a long post. Agitated much?

0
3
Silver badge

Re: Doom for US tech companies

"just a comedian"

Then if he/she didn't post as AC he/she would be able to put a "Joke" icon !

5
0
Silver badge

Re: Doom for US tech companies

Purely as a thought experiment, what would happen if some Irish judge decided that the tech companies in Ireland had an Irish legal attack surface? He or she could get at all data held by US companies around the world with some shoebox office in Ireland just to take advantage of tax laws in the same way. And they would have them by the balls if they said something like "give me the data I want or cease operations in Ireland".

What would the US say about that?

8
0

Re: Doom for US tech companies

Trevor, Trevor, Trevor....

How would that come to happen, then? Are you saying that the not-so-gullible Europeans could possibly make up by themselves for not doing business in the US? Not really...

Or are you potentially suggesting that the shear markets in China and India are so great for (there) non-local businesses? No, I didn't think so...

Hmm, let's look at what really matters: money, and monetary policy. Most of the world's financial institutions count / compute / save their money in what is normally construed as US dollars. China may be an exception, however that is just one (albeit very large) country. And then even they report on the basis of US dollars. So doing business with / in a currency that is largely accepted seems to be advantageous.

And even apart from that stuff: Who would come up with gmail completely on a non-US basis? Not a smithereen of IT equipment anywhere in the middle may be in the US, or else they can legally intercept the communication / information.

So, the US says: Hey you're using the newly created European Internet? Tough! We don't trade with you. Do you really really think that uhm a lot of companies will jump on the European Internet? Tiny small businesses who couldn't really be bothered with the US, still might jump onto the European Internet, but other than that? You wanna facebook page / twitter account for your tiny European Internet based company? Good Luck!

If the US really would be afraid of losing business and having their throats cut, why would they fine non-US banks for crimes(?) against international law? Barclays didn't seem to mind paying up, because apparently the benfit of US customers outweighs the fine... UBS, similarly, didn't seem to mind paying up... Neither will BNP Paribas... so, your point, my dear Trevor, will largely be overlooked by the US, because there is absolutely no reason for them to be so paranoid...

0
3

Re: Doom for US tech companies

"I really do want to see him worm his way out of the fact that the US feels it has sovereignty over my data"...

Granted it is your data. However, because it uses communication technology operated by US companies, the US government feels as though the can snoop on it. So they don't give a monkey's behind that it's your data. All they care about is to incriminate you, should you ever have something against the US. And for that, my man, they need to know what you think, write, talk about...

So they spy...

2
0
Anonymous Coward

Re: Doom for US tech companies

That's why they call it a trade war. Similar government idiocy greatly contributed to a perpetuation of the Great Depression well into the 1930's, eventually leading to WW II. And if you don't believe throat-slitting is already back in vogue, go read some news about the Middle East. As soon as the crazies have taken over and fully locked down the asylum (a highly advanced Work in Progress), we are all doomed.

Looks like a rather dark replay of another episode in global history, we're only missing a few bogeymen dictators with unlimited power....oh wait....

If half of the world's 2.7 Bn Internet individual users voted with their keyboards, PFS, end-to-end encryption and secure cloud services, international G-Men and other data crooks would have to go back to following the rules.

So what is stopping us ? How bad does it have to get?

5
0

Re: Doom for US tech companies

@Dan 55 Loud and raucous laughter on the other side of the pond, would be my first guess.

But Irish jokes aside, it would be a valid thought experiment indeed, and it would be great to see an MS lawyer trot it out into court. I suspect he'd be cited for contempt.

The only good news about this is that the scary dark underbelly of US over-reach gets dragged out into the light for everyone to see. What happens now is anybody's guess.

Based on past performance, I am not very optimistic.

1
0
Anonymous Coward

Re: Doom for US tech companies

"Nah, they'll just bring in a law making it illegal to trade in the US or with US-based organisations if your infrastructure is not open to the US government - on the basis that you must have something to hide."

They've already done that with Swiss banks.

Remember the NatWest Three?

2
0
Silver badge

Re: AC

"To my mind your data is no safer on your own servers than it is in the cloud unless you want to encrypt it and refuse to hand over the keys (and are therefore prepared to go to jail for not handing over the key)".

No. If I were living in Ireland then the only authority to make me hand over my keys would be the Irish courts. End of story.

What we have here is the US demanding the data on a non-US service/server based on the company having ties to the US. Had they the slightest sense of decency and international decorum, they would have made a formal request to the Irish law enforcement agencies who, no doubt would have cooperated if there was probable cause.

In that case here I'm pretty sure the comentards on this forum would have supported it as the proper legal process.

9
0

Re: Doom for US tech companies

<snip>

Agreed old chap.

"Dance marketing shill sockpuppet, dance!"

I have successfully fought off the cloud for the past few years in the same way I fought off Exchange and batteries of Windows servers. A nice man called me in today, thanked me for all I had done and passed over a nice bunch of Euros and a booking for four at one of Ramsey's restaurants. I guess it was this announcement among other things that triggered their response although I am helping them go national.

When I used to have to work less selectively I used to tell people "if the answer is Microsoft then you have misunderstood the question".

Old truism that is equally valid today as it was then.

4
0

Re: Doom for US tech companies

<snip>

"And we are, after all, apparently talking about execution of a warrant in a criminal investigation."

Why not use rendition and send then to GITMO, sorted innit and no nasty execution.

1
1
Anonymous Coward

Re: Doom for US tech companies

Why do I suddenly see potential business opportunities for Pariah and bad boy nations like NORK, PAK, CIS and IRAN? All they need is some decent infrastructure.

2014 is the new 1930's

1
0

Re: Doom for US tech companies

"Oh hey cowardly scumtoad! How ya been? Totally off your rocker as usual? Awesome."

<snip magnificent vade mecum for vitriol and consultant ethics >

Said in my best Sergeant Major Shout:

Mr Potts!!! Stand back that man stand back!!!

Lovely post by a man call Trev' (1.)!

1. Probably a hated shortening like some that I have.

2
0

Re: AC

<snip>

"In that case here I'm pretty sure the comentards on this forum would have supported it as the proper legal process."

Exactly! Due process is due process and is generally right and proper. The US has declared that it is the worlds policeman and has the right to do what it wants wherever it wants so I suppose it is logical that it wants to do the same in the digital domain.

Stand by for an invasion of servers having funny domain endings.

Sad really, what a shit place to bring up kids.

5
0
Vic
Silver badge

Re: Doom for US tech companies

What the US says basically trumps local law.

Only in the eyes of the US.

The local lawmakers still believe - rightly, IMO - that their laws apply in their territories.

This leaves US companies in something of an invidious position; it is entirely possible that, whatever they choose to do, they will be breaking one or other of the laws that apply to them.

I don't see this ending well...

Vic.

5
0

Re: Doom for US tech companies

Why "dual-dc"???

0
0
Silver badge

Re: Doom for US tech companies

This is interesting. What about US companies operating government contracts in other countries.

For example, in the UK, IBM run parts of the IT for the DVLA, the ID and Passort Service, parts of DEFRA, and probably other government or civil service entities. I think HP has a strong relationship with the Inland Revenue, and I'm absolutely certain that there is one or more US company associated with running the NHS IT systems.

And the UK Government has said that it intends to use Office 365 (although how that sits with the ODF statement recently, I don't know).

3
0

Doom for US tech companies

Didn't Germany cancel Verizon's contract and kick them out due to US spying? I hope this is only the beginning. I'm a US citizen and hope that Europe and other nations start pushing back, hard, on America's Orwellian surveillance. After all, what is the US going to do about it? Nothing. Washington is so gridlocked they can't even agree on toilet paper. I store nothing in the "cloud". I download my emails via Outlook, then the emails are deleted from the server thereafter. One thing other countries need to realize is the parasites on Wall Street have instituted a perpetual growth model. In order to maintain that momentum, globalization is absolutely necessary or the system will collapse. If American companies are not welcomed abroad due to these unprecedented over-reaching laws we might actually see the business and investment machinery unite to stop this intrusion for survival purposes.

2
0
Mushroom

Re: Doom for US tech companies

I think this will depend on who has the bigger stick to wield over the company the "Good ol" USA or the EU.

As these warrants or whatever letter is used to get the tech company to provide the data from the EU data centre, i guess that the local company may be in breach of EU data protection regulations for giving out the information without a LOCAL issued warrant so are the CEO and board of the company more worried about fines from the EU or sitting in the clink in some super max prison in the middle of Nevada with Bubba as a cell mate. and as they probably reside in the USA they will be more scared or personal risk than company risk.

the only way Microsoft can win trust from non USA customers (even USA Customers :-( ) and show they actually have the rights and data of their clients as a priority and to "protect" their bottom line ie the freedom of their bosses is to bring out the next generation of Windows (WITH A START BUTTON) and software like office to include local strong encryption of data BEFORE any of it is loaded in to ANY cloud so only the user has the key. and to implement Dark mail in to outlook and Exchange for good measure.

1
0

Trevor's Rebuttle

Wow, nice job/post. However, living in the US, I do "hate the cloud". None of the cloud services are talking at all about Privacy, Security, Accessibility nor Reliability, at least publicly. Amazon remained absolutely quiet after a Botnet was easily set up in their cloud. And Office 365? Why would I want to use that? I have always run Office locally and will continue to do such. Oh, MS said that way you will always access the latest and greatest. Really? I don't remember managing the infrequent Office updates to be a daunting task. Office upgrades have become less and less useful so I don't see the value there. In the US, we clearly have the most expensive internet and far from the fastest or most reliable. The ISP's are consolidating for control of the internet and they charge a premium for faster speeds and content providers will be charged to not be throttled. Remember, the ISP's are also the TV providers. Now many companies are providing cheesy data plans that are easy to exceed, so one gets pushed into more expensive monthly data plans. In other words, the "cloud" is slowly being forced on us in the United States. American companies seem to feel if they want it, build it and sell investors on it, you will use it one way or another.

2
0

Re: Doom for US tech companies

You really think "content" is not extracted? That US laws and oversight protect such an intrusion? Wow, I have a bridge in Brooklyn that I'd like to sell you. Interested? Yes spying has a long history, however, with current and upcoming technology, the extent of spying is unprecedented and the fact that everyone is fair game is Orwellian.

2
0

Re: Doom for US tech companies

Unfortunately, you are most likely correct. The US doesnt' care.

2
0
Silver badge

Re: Doom for US tech companies

For the reasons Mr. Pott cites, there will be no US law requiring that a company with a US presence must make its data available to the US government. On the other hand, the recently enacted UK Drip Act appears to go a few steps in that direction without triggering mass flight of businesses from there.

This case is not about an unrestricted requirement for US businesses to give up data held in foreign data centers on request of nosy government officials, or without a warrant. That would be a matter for the NSA, if anyone. It is, instead, about a warrant issued, in a criminal inquiry, by a federal judge with a passing knowledge, at least, of legal procedures and the fourth amendment. The decision, as the article pointed out, does not appear to set a precedent. The process of obtaining a warrant may present a low bar, as some of the FISA orders indicate, but it still interposes some procedural requirements and judicial review.

0
2
Vic
Silver badge

Re: Doom for US tech companies

the only way Microsoft can win trust from non USA customers

The only way Microsoft can win trust from non-USA customers is to separate out their cloud business into a new company that is not a subsidiary.

I don't see them doing that...

Vic.

4
0
Silver badge

Re: Doom for US tech companies

"So what is stopping us?"

Near terminal laziness, starting with use of webmail, for which decent end to end encryption still is somewhere between nonexistent and seriously deficient.

"How bad does it have to get?"

For nearly all people, it will have to appear to be a lot worse than it does now, even in the mild state of moral panic in which we now find ourselves. And those who actually need end to end encryption probably are using it already, which explains the intelligence agencies' interest in communication metadata.

3
0

Re: Doom for US tech companies

@Chemist

"Then if he/she didn't post as AC he/she would be able to put a "Joke" icon!"

But I thought posting as AC was part of the joke! After all it was a response to Trevor's justified rant against the AC MS shill. The problem with AC posts is that we never know how many or who they are.

1
0
Anonymous Coward

Re: Doom for US tech companies

"The whole "Those with nothing to hide have nothing to fear" is a pretty stupid soundbite used by both sides to show that the other side are bad..."

That line is really so retarded; it makes you wonder how that person graduated from primary school as it's so fundamentally flawed, I mean try saying that line to the Jews during WW2.

1
0
Silver badge
Joke

Re: Doom for US tech companies

Maybe there are no AC's, The Reg has a really good A.I.? That could explain a few things.

1
0
Anonymous Coward

Re: Doom for US tech companies

Although they have already got your person, so to all practical purposes they can get anything you own or know.

0
0
Anonymous Coward

Re: Doom for US tech companies

But what do you REALLY think, Trevor? 8-) 8-) 8-)

Nice rant - you told him. And I completely agree with you.

0
0
Anonymous Coward

Re: Doom for US tech companies

"What would the US say about that?"

I imagine they would ignore it to start with. Then, if the Irish started actually to do something, they would have a quiet word with the Irish President. Along the lines of "how would you like your little island turned into a nice shiny lake of radioactive emerald glass?"

0
0
Anonymous Coward

Re: Doom for US tech companies

"Most of the world's financial institutions count / compute / save their money in what is normally construed as US dollars. China may be an exception, however that is just one (albeit very large) country".

http://en.wikipedia.org/wiki/6th_BRICS_summit

In other words: Russia, China, India, Brazil... plus South Africa. The thin end of a wedge consisting of all of Asia, Africa, and Latin America.

1
0
Anonymous Coward

Re: Doom for US tech companies

"If half of the world's 2.7 Bn Internet individual users voted with their keyboards..."

Unfortunately it turns out that thermonuclear weapons, napalm and cruise missiles trump keyboard votes.

0
0
Anonymous Coward

Re: Doom for US tech companies

"if the answer is Microsoft then you have misunderstood the question".

Magnificent! I am afraid I shall be quoting that frequently for the rest of my life.

0
0
Anonymous Coward

Re: Doom for US tech companies

"...the parasites on Wall Street have instituted a Ponzi scheme".

FTFY.

(But I heartily agree with your post - just clarifying a little).

1
0

Re: Doom for US tech companies@ jnemesh

NSA and GCHQ are not really the point here; the main arguments being presented are about the extension of US laws to all nations by use of services and servers either based in the USA or provided by companies who are either domiciled in the USA or are controlled by such. What GCHQ does by spying on USA citizens and then allowing our country cousins access to the information would be illegal as far as the USA courts are concerned but hey, it doesn't happen.

0
0

This post has been deleted by its author

This post has been deleted by its author

Silver badge
Heart

Re: Doom for US tech companies

" Good luck with all your endeavors in the future."

Trevor!

I want your babies!!!!!!! <3

0
0
Gold badge

" Because Microsoft is a US company and it "controls" the data held in its overseas servers, they reasoned, the same rules apply."

It would be interesting to hear the opinions of an Irish judge on the question of whether Irish data protection laws don't apply to Microsoft servers in Ireland simply because MS are a US company.

24
0
Silver badge

Irish Data commisioner

Previously has taken the role more seriously than Financial Regulator or Comreg the comms regulator. They even slapped Sky quite hard.

They may take a while to get involved.

There may be popcorn shortages soon.

11
0

An interesting question. What if an Irish judge issues an injunction against Microsoft releasig the information in question?

12
0

why would the Irish know?

If the warrant has been served on Microsoft in the US on the basis that Microsoft controls Microsoft Ireland then the obtaining of the data would be an internal activity which would be out of site of the Irish courts. Unless the specific individual knew that a)they were being investigated and b)that the warrant had been issued so at to be able to seek an injunction from an Irish court then the Irish would have not involvement in the decision to hand the data over.

1
1
Silver badge

Re: why would the Irish know?

Only in the US court's view. In the Irish court's view MS Ireland would be guilty of breaking the injunction with the consequent fine or jail sentence for the directors that that entails.

This is why we generally have laws that stop at national borders. If they don't then they usually involve arrest upon return or cooperation with other countries' legal systems. Apart from the US of course because US.

2
0

Wasn't all the tax arguing last year or so to do with companies using loopholes and incentives to run parts of their business through Ireland and pay less tax? Surely if it is paying Irish tax in Ireland that makes it an Irish company (albeit one that is a subsidiary of a US one)?

6
0

Paying tax<>control

Yes, but paying tax is not the same as being independent - your parent company may own you and you poor Irish subsidiary may be making massive *cough* profits due to trading with said parent company and then proceed to say pay a lower tax rate than the parent company would.

Or something.

But your US parent company still owns you=>has control. (Though I agree popcorn may be in short supply if Irish judges/privacy commissioners get involved for the opposite view)

1
0

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Forums

Biting the hand that feeds IT © 1998–2017