Microsoft, privacy advocate -- who'd have thunk it? The new regime in Redmond is taking up the cudgels, challenging the right of federal prosecutors to make it hand over a customer's email that's stored abroad. What's more, Verizon -- never known as a customer-friendly outfit -- is on the same side, filing a brief in support of Microsoft's legal claim, and other telcos are following suit.
Verizon's action occurred Tuesday, and Microsoft's was disclosed Monday. But they're hardly the first shifts in corporate actions related to privacy we've seen in the year since former National Security Agency contractor Edward Snowden stole, then disclosed thousands of classified documents related to the NSA's Orwellian campaign of spying.
[ Also on InfoWorld: What Edward Snowden taught us about privacy. | Cut to the key news for technology development and IT management with the InfoWorld Daily newsletter, our summary of the top tech happenings. ]
Major U.S. companies have begun to publish so-called transparency reports that detail (to the extent the law permits) requests by governments to hand over user data, a move only Google had made in the past. That trend is even spreading abroad. Vodafone, the world's second-largest carrier behind China Mobile, last week released a report outlining the scope of government surveillance into private phone communications in the 29 countries where it operates.
Am I surprised? Not entirely. Revelations that the U.S. government has built backdoors into systems sold overseas by Cisco and other companies have already taken a bite out of corporate profits. Whether the CEOs of Microsoft and Verizon really care about privacy is irrelevant. They care about sales, so they need to convince customers that their data is secure. Companies with operations abroad, particularly in privacy-sensitive Europe, know that many of their users are outraged as well.
There is a widespread sense in the United States that the government has gone too far and tech companies have done little (maybe nothing) to push back. As a result, even companies that don't have to worry about losing foreign sales are becoming more transparent and are boosting encryption in an effort to regain the trust of their users.
It's Microsoft versus the feds
Last December, a federal magistrate granted a search warrant that would have forced Microsoft to surrender a customer's emails that were stored in a Dublin data center. The warrant was issued in connection with a criminal investigation, but few details of the alleged crime or the identity of the owner of the emails are known.
Microsoft fought the warrant but lost and is now appealing in federal district court. Turning over that email, Microsoft said in the court filing released this week, "would violate international law and treaties, and reduce the privacy protection of everyone on the planet." That's strong stuff, particularly coming from a company like Microsoft.
The case has implications for domestic privacy as well, says Hanni Fakhoury, a staff attorney for the Electronic Frontier Foundation. "The magistrate [in effect] rewrote the law," and that weakens Fourth Amendment protections here in the United States, he tells me. The EFF will file its own brief tomorrow and other large telecommunications companies will follow suit, he says, although he declines to name them.