The Supreme Court pressed Congress on Tuesday to update the country’s data privacy laws for the internet age, as justices grappled with tricky questions about the reach of federal powers over data that’s controlled by an American company but kept on overseas servers.
The case before the justices involves the government’s demand to see emails of a Microsoft customer. Microsoft says contents of the emails are stored in Ireland, and releasing the information would conflict with that country’s laws.
But the justice also said the 32-year-old Stored Communications Act, which governs the situation, never envisioned that kind of interconnected world.
“What you’re asking us to do is to imagine what Congress would have done,” Justice Sonia Sotomayor told the Trump administration during oral argument. “Why shouldn’t we leave the status quo as is and let Congress pass a bill in this new age?”
Michael R. Dreeben, the deputy solicitor general who was arguing the government’s case, said criminal prosecutions need legal certainty now and can’t wait for Congress.
“I think this court’s normal practice is to decide cases before it based on the law as it exists, rather than waiting for an uncertain legislative process,” he said.
Tech companies are anxiously watching the case to see what their obligations will be, as they try to balance customers’ privacy with demands by law enforcement for access.
An appeals court sided with Microsoft, saying that since the data was physically overseas, it was beyond the reach of a warrant.
The government, though, says it’s more important to look at whom the warrant is served on — in this case Microsoft, an American company that controls that data.
Mr. Dreeban said there’s a precedent for that from the analog days: a 1958 Supreme Court case that saw the justices order a U.S. party to turn over documents that were held in Switzerland.
“The court had no problem with the issuance of the order,” he said. “There is nothing new about this problem.”
E. Joshua Rosenkranz, the attorney for Microsoft, argued the focus must be on where the emails are stored rather than the disclosure, because if the storage is done in a foreign country, the facility is under the protection of foreign law.
“The emails are stored in Ireland and the DEA is forcing us to fetch them,” said Mr. Rosenkranz. “There’s no question that search is going on in Ireland.”
But Justice Samuel A. Alito appeared skeptical, recalling that the user’s nationality is unknown.
“If this person is not Irish and Ireland played no part in your decision to store the information there and there’s nothing that Ireland could do about it if you chose tomorrow to move it someplace else, it is a little difficult for me to see what Ireland’s interest is in this,” he said.
Justice Elena Kagan said the case boils down to two different interpretations of the 1986 law.
“I’m not sure how I pick between those two from the face of the statute,” she said.
• Alex Swoyer can be reached at aswoyer@washingtontimes.com.
Please read our comment policy before commenting.