The Stored Communications Act (SCA) protects the privacy of electronic communications stored by service providers (that is, by companies offering an internet connection). This statute prohibits the government from accessing a user’s electronic files without a warrant supported by probable cause. But because Congress passed the statute in 1986 – before the use of the internet was so widespread – it did not specifically state whether or not the statute applied overseas.

Microsoft, a U.S. corporation, operates Outlook.com, a free web-based email service. When Microsoft customers send and receive Outlook emails, the company stores the emails on a network of servers housed in datacenters spread over 40 countries. Microsoft’s system automatically determines which datacenter will store emails based on the user’s self-reported country code. Once the data transfer is complete, Microsoft deletes all information associated with the account from its U.S.-based servers.

A federal judge issued an SCA warrant ordering Microsoft to disclose the contents of a particular user’s email account. Because those emails were located in its Dublin datacenter, Microsoft refused to comply, arguing that the SCA did not apply to data housed abroad The lower court disagreed and ordered Microsoft to comply with the warrant. The Company appealed. 

You Be the Judge: Does the SCA authorize the U.S. government to obtain emails stored exclusively on foreign servers? 

Argument for Microsoft:Your honors, Congress clearly did not intend the SCA’s warrant provisions to apply extraterritorially. If it did, it would have said so. The presumption against extraterritorial application of U.S. statutes is strong and binding. Courts must presume that Congress meant to legislate domestically unless the statute specifically mentions its extraterritorial application. 

The information sought in this case is stored in Dublin. No court should allow a fishing expedition into data stored beyond American borders. To enforce the warrant as the government proposes would be an unlawful extraterritorial application of the SCA and an intrusion on the privacy of Microsoft’s customers. 

Argument for the Government:In today’s globally-connected internet, information travels freely across borders. The fact that the data are stored abroad is irrelevant. Microsoft is a U.S. company and can obtain the requested information on its domestic computers without having to travel to Ireland to enter the premises there. The warrant only imposes obligations in the United States, where the government would review the digital content. 

Nothing in the SCA’s text, structure, purpose, or history indicates that Congress wanted to limit where electronic records could be seized. Preventing SCA warrants from reaching foreign servers would seriously impede U.S. law enforcement efforts. A wrongdoer could easily shield illegal content from the police just by reporting a different country code – a result that the SCA could not have intended. 

Holding:The Appeals Court held that the government could not compel Microsoft (or other Internet Service Providers) to turn over data stored overseas, even with a warrant.

Questions:

1. In this case, the main issue was a question of extraterritoriality. What does extraterritoriality mean?

2. Did the statute involved, the Stored Communications Act, say whether or not it applied extraterritorially?