A US judge has ruled that US-based providers must hand over customer emails even if they are stored in a location overseas.
The decision comes amidst a challenge from Microsoft with regard to an Ireland-based customer, claiming that as the US government does not have jurisdiction overseas the company should not be forced to disclose user data.
Yet Judge James C. Francis has dismissed this claim, further jeopardising the data security of US cloud providers.
Judge Francis explained the issue at stake. “Federal courts are without authority to issue warrants for the search and seizure of property outside the territorial limits of the United States,” he noted. “Therefore, Microsoft concludes, to the extent that the warrant here requires acquisition of information from Dublin, it is unauthorised and must be quashed.
He continued: “That analysis, while not inconsistent with the statutory language, is undermined by the structure of the SCA (Stored …