In a privacy paradigm shift, Microsoft sues the US government.
18 April 2016
On April 15, 2016, Microsoft filed suit against the U.S. Department of Justice and Attorney General in the Western District of Washington (where Microsoft is headquartered), seeking a declaration that a provision of the Electronic Communications Privacy Act is unconstitutional on the basis that it prohibits Microsoft from notifying its customers when a warrant is issued permitting the government to search and seize personal information stored in the Microsoft cloud.
Microsoft claims that the provision at issue, 18 U.S.C. § 2705(b), “allows courts to order Microsoft to keep its customers in the dark when the government seeks their email content or other private information, based solely on a ‘reason to believe’ that disclosure might hinder an investigation. Nothing in the statute requires that the ‘reason to believe’ be grounded in the facts of the particular investigation, and the statute contains no limit on the length of time such secrecy orders may be kept in place. Consequently, as Microsoft’s customers increasingly store their most private and sensitive information in the cloud, the government increasingly seeks (and obtains) secrecy orders under Section 2705(b).” (Complaint at 1, Microsoft Corp. v. U.S. Dep’t of Justice et al., No. 16-0538 (W.D. Wash. 2016); citation omitted).
Microsoft is effectively forcing a policy approach to the privacy debate, which until now has been decided (or, as in the Apple v. FBI dispute, not decided) on a case-by-case basis. Microsoft stated that other technology companies may file briefs in its support. The hope is that Microsoft, and other key players in the technology sector, will mobilize Congress to legislate and reign in the government’s secret and indiscriminate collection of personal information.