Emails stored on servers beyond U.S. borders are still subject to searches domestically, according to a recent court decision.
The federal magistrate sided with the FBI against Google, who had only partially complied with two search warrants in an alleged crime that involved U.S. citizens, and took place on U.S. soil, according to the court decision.
The decision comes at a crucial legal crossroads, in which federal authorities are appealing similar cases against other companies, like Microsoft.
Google had argued their network automatically moves data from one location to another for efficiency’s sake. They further argued that they did not know where the data was, and if it was beyond the U.S., they did not have to produce the items requested by an FBI agent in Pennsylvania.
The judge disagreed, saying that Google can comply with the legal search warrants without ever leaving the company’s American premises.
“Google will gather the requested undisclosed data on its computers in California, copy the data in California, and send the data to law enforcement agents in the United States, who will then conduct their searches in the United States,” the judge ruled.
Google fields more than 25,000 legal requests from federal, state and local authorities each year, one of its attorneys said during oral arguments in the criminal case.
The “state-of-the-art intelligent network” run by Google can be mind-boggling—and map-defying, according to the government experts tapped on the case:
“The data … is a moving target: stored one day in a data center in Finland, or Singapore, and automatically moved the next day to a new data center in Chile, or Belgium,” they write, in court documents.
Even that moving data is fragmented, stored in “shards” which alone would constitute a “useless piece of coded gibberish,” they further explain.
The judge ruled that Google must make sense of it for American investigators in American cases.
But the case law remains unsettled.
The federal officials' most recent setback was the “Microsoft Ireland” case. The Second Circuit Court of Appeals ruled last July against the U.S. in its pursuit of Microsoft customer emails, finding that the data stored on a server in Dublin was not subject to search under a provision of the Stored Communications Act. The initial warrant, sought in a December 2013 criminal narcotics investigation, has been tied up for three years. According to interpretations of the Microsoft case, warrants do not apply beyond national territory. Furthermore, the subpoena power that the federal prosecutors argued was implied within the Stored Communications Act were not included within the letter of the law—a statute originally passed in the 1980s and intended to protect user privacy, the Second Circuit judges ruled.
That Microsoft case most recently was denied rehearing by the Second Circuit. The judges conceded that they were hampering law enforcement investigations—but were ruling to follow what the law itself said.
“U.S. law enforcement will less easily be able to access electronic data that a magistrate judge in the United States has determined is probably connected to criminal activity,” ruled the Honorable Susan L. Carney in her opinion on Jan. 24. “My panel colleagues and I readily acknowledge the gravity of this concern.”
But the latest Google case may give federal authorities a new argument to fight for electronic access on cloud and other “borderless” servers in the near future, writes Kenneth A. Blanco, acting assistant U.S. attorney general of the criminal division, in a blog post assessing the case last week.
“We recognize the extraordinary importance to public safety that comes from allowing the government, with a warrant lawfully issued by a neutral magistrate after a showing of probable cause to believe an e-mail account contains evidence of a crime, to gain access to that account,” writes Blanco. “Friday’s court opinion is an important step in the department’s ongoing efforts to ensure that providers uphold their obligations to public safety by complying with lawful warrants.”