Microsoft recently dropped one of their lawsuits against the United States federal government. The lawsuit that is being dismissed was originally filed in the spring of last year and challenged the indefinite secrecy orders under the Electronic Communications Privacy Act of 1986 that the federal government had frequently been using. Over a period of a year and a half, the federal government had issued thousands of secrecy orders, the majority of which were indefinite secrecy orders. Under the secrecy orders Microsoft was forbidden from informing the customers that the government had searched and seized emails and records related to their e-mail account. Microsoft and civil liberties advocates argued that the government’s secrecy orders violated the 1st and 4th amendments of the United States Constitution.
Microsoft’s 1st amendment rights were infringed upon by the secrecy orders in that they were being gagged by the orders and prevented from telling customers about the searches. Customers 4th amendment rights were violated in that they were not informed of the warrants executed against their email account. “We believe strongly that these fundamental protections should not disappear just because customers store their personal information in the cloud rather than in file cabinets or desk drawers. We were not alone in this belief, as a diverse and broad array of companies, academics, business groups, civil liberties organizations and former law-enforcement officials signed amicus briefs in support of our position in the case,” Microsoft’s Chief Legal Officer Brad Smith said in a blog post on Microsoft’s site.
According to Smith, the company made the decision to drop the lawsuit after the United States Deputy Attorney General Rod Rosenstein issued a new memorandum in which he ordered attorneys with the Department of Justice to limit the scope and use of secrecy orders. Most secrecy orders will now only apply for periods of time of a year or less, and the memorandum states that orders are supposed to, “have an appropriate factual basis and each should extend only as long as necessary to satisfy the government’s interest.”
Microsoft is calling on the United States Senate to pass the bipartisan Electronic Communications Privacy Act Modernization Act of 2017, introduced by Republican Senator Mike Lee of Utah and Democratic Senator Patrick Leahy of Vermont. That bill was recently amended to remove a provision that would have required the government to inform a user when a warrant has been executed against their e-mail account. However, service providers would be free to notify users under the bill A similar bipartisan bill to reform the Electronics Communications Privacy Act of 1986 passed in the House of Representatives in their last session and earlier this year. “It is time to update this outdated 1986 law that regulates government access to contemporary electronic communications,” Microsoft’s Brad Smith said in the blog post.
Microsoft’s other major lawsuit against the United States government awaits a hearing in the Supreme Court. That case also relates to the Electronic Communications Privacy Act of 1986. In that case the government is seeking to force Microsoft to turn over emails stored on servers located outside of the United States. The emails that the government is seeking belong to a suspected Silk Road staff member. The Supreme Court will resolve the split between different circuit courts. While the Second Court of Appeals ruled in favor of Microsoft, other circuit courts have ruled that Google was forced to turn over data stored on foreign servers with a warrant issued under the Stored Communications Act/Electronic Communications Privacy Act of 1986.
Twitter is continuing to fight a similar lawsuit in federal court in Northern California against the federal government’s secrecy orders. Microsoft and other tech companies have been publicly pushing for the protection of user privacy rights. This comes in the wake of the disclosures from NSA whistleblower Edward Snowden which showed that Microsoft and other tech companies provided access to the user data through the NSA’s PRISM mass surveillance program.