Coming Soon: GET:IT Endpoint Management 1-Day Conference on September 28th at 9:30 AM ET Coming Soon: GET:IT Endpoint Management 1-Day Conference on September 28th at 9:30 AM ET
Cloud Computing

Microsoft Wins Another Victory in Federal Email Case

Microsoft Wins Another Victory in Federal Email Case

On Tuesday, a federal appeals court refused to reconsider a previous decision in which the U.S. Department of Justice (DOJ) was prevented from forcing Microsoft to hand over customer data stored in an overseas data center. The victory is a huge one for Microsoft, but also for cloud computing in general.

“We welcome today’s decision,” Microsoft president and chief legal officer Brad Smith in a statement. “We need Congress to modernize the law both to keep people safe and ensure that governments everywhere respect each other’s borders.”

As you may recall, the DOJ sued Microsoft in December 2013 after the software giant refused to turn off data in a customer’s email account stored in a data center in Dublin, Ireland. Microsoft argued that because the data was stored outside the United States, it was outside of the DOJ’s jurisdiction.

Sponsored Content

Say Goodbye to Traditional PC Lifecycle Management

Traditional IT tools, including Microsoft SCCM, Ghost Solution Suite, and KACE, often require considerable custom configurations by T3 technicians (an expensive and often elusive IT resource) to enable management of a hybrid onsite + remote workforce. In many cases, even with the best resources, organizations are finding that these on-premise tools simply cannot support remote endpoints consistently and reliably due to infrastructure limitations.

The DOJ disagreed, noting that the contents of the email account were under Microsoft’s control regardless of their physical location. And that as a U.S.-based company, Microsoft was indeed under its jurisdiction and subject to legal U.S. warrants.

Microsoft lost the case in court in July 2014, with a U.S. district judge taking the DOJ’s side. Microsoft immediately promised to appeal, with Mr. Smith noting at the time that “under well-established case law, a search warrant cannot reach beyond U.S. shores.”

So in early September 2015, the case started its way through the Second U.S. Circuit Court of Appeals in Manhattan. And in July 2016, Microsoft won the case, with the appellate court overturning the 2014 decision: U.S. service providers are not required to honor warrants seeking data stored overseas, Circuit Judge Susan Carney noted in the ruling.

So the DOJ appealed in October 2016, noting that the ruling rested on a misinterpretation of law and set a bad precedent for other cases. The agency argued that the location of stored data is arbitrary and not determined by law, and that this case broke with previous precedents, and allowed big tech firms to evade U.S. law.

But this week, Microsoft’s victory was upheld, albeit in a 4-4 vote deadlock by the Second U.S. Circuit Court of Appeals.

There is of course one appeal left to the DOJ: It could petition the U.S. Supreme Court. And indeed, the dissenting judges on the appellate court recommended doing so. Meaning this case may not be over yet. “We are reviewing the decision and its multiple dissenting opinions and considering our options,” a DOJ statement reads.


Related Topics:


Don't have a login but want to join the conversation? Sign up for a Petri Account

Comments (0)

Leave a Reply

Paul Thurrott is an award-winning technology journalist and blogger with over 20 years of industry experience and the author of over 25 books. He is the News Director for the Petri IT Knowledgebase, the major domo at, and the co-host of three tech podcasts: Windows Weekly with Leo Laporte and Mary Jo Foley, What the Tech with Andrew Zarian, and First Ring Daily with Brad Sams. He was formerly the senior technology analyst at Windows IT Pro and the creator of the SuperSite for Windows.
Live Webinar: Active Directory Security: What Needs Immediate Priority!Live on Tuesday, October 12th at 1 PM ET

Attacks on Active Directory are at an all-time high. Companies that are not taking heed are being punished, both monetarily and with loss of production.

In this webinar, you will learn:

  • How to prioritize vulnerability management
  • What attackers are leveraging to breach organizations
  • Where Active Directory security needs immediate attention
  • Overall strategy to secure your environment and keep it secured

Sponsored by: