EU to intervene in Microsoft’s US Supreme Court data protection case
BRUSSELS (Reuters) – The European Union is to make a submission to the U.S. Supreme Court in its hearing of the U.S. Department of Justice’s appeal against a ruling which prevented prosecutors from gaining access to emails held by Microsoft in Ireland.
The case has attracted significant attention from technology and media companies due to concerns that an unfavorable final ruling could deter customers from using cloud services because of concerns that their data could be seized.
In the lower court ruling last year Microsoft successfully challenged a search warrant secured by federal prosecutors wanting to obtain emails stored on its computer servers in Dublin in connection with a drug trafficking investigation, arguing that to hand over the emails directly would undermine people’s trust in cloud computing services and set a dangerous precedent.
The Supreme Court in October agreed to hear the U.S. administration’s appeal against the decision.
The European Commission said on Thursday it would submit an amicus brief to the court.
“Given that the transfer of personal data by Microsoft from the EU to the U.S. would fall under the EU data protection rules, the Commission considered it to be in the interest of the EU to make sure that EU data protection rules on international transfers are correctly understood and taken into account by the U.S. Supreme Court,” the Commission said in a statement.
It said the brief would not be in support of either one of the parties.
Microsoft, which has 100 data centers in 40 countries, was the first U.S. company to challenge a domestic search warrant seeking data held outside the country. There have been several similar challenges, most brought by Google.
“We welcome the EU’s involvement in the case. It is important that European voices are heard by the U.S. Supreme Court” said John Frank, Vice President for EU Government Affairs, Microsoft.
A new data protection law in the EU enters into force in May next year which has strict rules on when companies may transfer EU citizens’ data overseas.