Electronic records outside US not covered by US warrants

The 2nd Circuit Court of Appeals ruled against the Government today in US Government vs. Microsoft. The government is investigating a drug dealer and want access to records held by Microsoft. Microsoft turned over metadata stored on US machines. But they refused to turn over the specific emails stored on machines in Dublin. The company’s position is that the federal government needs to follow the rules of the Mutual Legal Assistance Treaty between the US and Ireland.
This has been winding its way through the appeals court.
The court’s ruling today states “§ 2703 of the Stored Communications Act does not authorize courts to issue and enforce against U.S.‐based service providers warrants for the seizure of customer e‐mail content that is stored exclusively on foreign servers.”
An interesting ruling, and I see pros and cons to the ruling. It does complicate anti-spam enforcement a bit and make it easier for criminals to hide their data overseas while they might be in the US. But it’s already easy for them to do that. Many arrests of spam gangs and others for crimes committed on the Internet over email involve multiple law enforcement agencies across the world.
Full text of the ruling (.pdf link)

Related Posts

March 2016: The Month In Email

Happy April! I’m just back from the EEC conference in New Orleans, which was terrific. I wrote a quick post about a great session on content marketing, and I’ll have more to add about the rest of the conference over the next week or so. Stay tuned!
March2016_blog
Here’s a look at what caught our attention in March:
On the DMARC front, we noted that both Yahoo and mail.ru are moving forward with p=reject, and Steve offered some advice for ESPs and software developers on methods for handling this gracefully. I also answered an Ask Laura question about making the decision to publish DMARC. Look for more on that in this month’s Ask Laura questions…
Our other Ask Laura question this month was about changing ESPs, which senders do for many reasons. It’s useful to know that there will generally be some shifts in deliverability with any move. Different ESPs measure engagement in different ways, and other issues may arise in the transition, so it’s good to be aware of these if you’re contemplating a change.
In industry news, I wrote a sort of meta-post about how the Internet is hard (related: where do you stand on the great Internet vs. internet debate? Comment below!) and we saw several examples of that this month, including a privacy debacle at Florida State University. Marketing is hard, too. I revisited an old post about a fraud case where a woman sued Toyota over an email marketing “prank”. As always, my best practices recommendation for these sorts of things (and everything else!) really boils down to one thing: send wanted email.
Steve wrote extensively about SPF this month in two must-read posts, where he explained the SPF rule of ten and how to optimize your SPF records. He also wrote about Mutt, the much-loved command line email client, and marked the passing of industry pioneer Ray Tomlinson, who, in addition to his many accomplishments, was by all accounts a very thoughtful and generous man.
Finally, I occasionally like to take a moment and follow the twisty paths that lead to my spam folder. Here’s a look at how Ugg spams my email doppelganger, MRS LAURA CORBISHLEY. In other spam news, there’s a lot of very interesting data in the recent 10 Worst list from Spamhaus. Take a look if you haven’t seen it yet.

Read More

Misdirected email


While this does seem to be more common with gmail addresses, it’s not solely limited to gmail. I’ve written about this frequently.

Read More

US-EU Privacy Shield Approved

Since the Safe Harbor rules were struck down by EU courts, the US and EU have been in negotiations to replace it. This morning (pacific time) the EU approved the new rules called Privacy Shield. WSJ Article

Read More