It’s time for Congress to Act.
Three years ago, the U.S. Department of Justice (DOJ) called on Microsoft to turn over the cloud data belonging to a suspected criminal. On the surface, such a request may seem routine, but the criminal was not a U.S. citizen, did not live in the U.S., and the cloud server was in Ireland and owned by Microsoft’s Irish subsidiary. If the DOJ can compel these overseas records, what stops foreign firms from collecting and providing your data back to foreign governments?
There are lawful means by which governments agree to share information for law enforcement purposes, but circumventing these lawful creates distrust between U.S. firms and their foreign customers, as well as distrust between governments. At stake are millions of U.S. tech jobs, as foreign governments scramble to protect their citizens from privacy breaches, sometimes excluding U.S. firms from overseas commerce — essentially jeopardizing opportunities for U.S. tech firms that sell their services and software abroad.
Now the U.S. Supreme Court we consider the case. Regardless of the outcome of the case, it is time for Congress to settle the issue and pass legislation that brings consumer privacy into the Twenty-First Century, as well as clearing up ambiguous data privacy laws, and defining legal data seizures by law enforcement with respect to borderless services, like cloud computing.