Ireland Becoming The Key Spot In Fights Over Data Privacy: Both Concerning Governments And Tech Companies

from the this-is-the-big-fight dept

There’s a really big battle brewing concerning privacy protections online that involves some Silicon Valley tech companies, Ireland and the US government. And chances are this fight is going to get nasty. A few weeks ago, you might have heard that Twitter announced an interesting change in its privacy policy and terms of service, saying that all non-US users would technically now be managed under Twitter International Company, based in Dublin, Ireland. And, last week, Dropbox made a very similar announcement, noting that all non-North American users were now technically under Dropbox Ireland, while users in the US, Canada and Mexico remain under Dropbox in the US. Twitter’s new terms go into effect on May 18th, and Dropbox’s on June 1st (unless you’re opening a new account before then, and the new terms apply immediately).

Over the last decade, Ireland has become a popular destination for US tech firms to set up international operations, in part because of Ireland setting itself up as sort of a tax haven for tech firms via its “Double Irish” tax dodge. A bunch of tech companies have been criticized for this, though the response of “we’re following exactly what the law allows” is reasonable enough. Either way, that tax loophole is closing, though others may show up instead.

But this move doesn’t seem predicated by that. Instead, there are two related elements that may be at work here. First: Ireland is also seen as having some of the most company-friendly privacy laws in the EU, though those are also coming under some amount of scrutiny. But, at the same time, by claiming that users are now under the Irish company, it gives Twitter and Dropbox at least some power to try to say no to US government requests for information. So, depending on if you’re more afraid of government intrusions in your data than corporate intrusions (as I am), then these moves are probably good for your privacy.

Except… the US government still thinks that it can do whatever the hell it wants. First, in some ways, data inside the US has potentially more protections against the US government in a somewhat bizarre way. Whether you believe it or not, the NSA cannot “hack” its way into US computer systems. It can only use the various other processes it has to demand information from companies. Overseas, however, there are no such restrictions. The NSA has interpreted Executive Order 12333 to mean that it can hack into anything overseas, and this was the authority it used to break into the data centers of Google, Yahoo and likely more overseas (sneaking in via Level 3 and others).

But, that still requires hacking into stuff. If US tech companies believe they can successfully fend off such hacks, putting non-US users under Irish law does give them greater protection from the NSA. The NSA can no longer use its other authorities in the US to get the FISA Court to demand information (along with gag orders) from these companies. Or… maybe not. As we’ve been discussing, there’s an ongoing court battle between the US Justice Department and Microsoft, over whether or not the DOJ can issue a warrant demanding Microsoft hand over information stored in Ireland. Microsoft has resisted, but the courts have so far sided with the DOJ. Ireland recognizes this is an important fight, and has asked for the EU to come out in support of Microsoft’s position.

Meanwhile, with a new Attorney General in office, the DOJ has made it clear that it’s going to continue this course of action:

US prosecutors will continue to seek data stored in Ireland using a federal search warrant, despite leadership changes at the Justice Department.

A spokesperson confirmed in an email that the department’s position has “not changed,” two weeks after Loretta Lynch, the Obama administration’s choice to head up the federal agency, was confirmed by Congress as the new US attorney general.

This battle is going to be rather important for those other companies seeking to protect users under Irish law. Warrants aren’t supposed to apply outside of the US. But the DOJ (and the courts) have been simply making up new laws, in arguing that if it’s a US company, but the data is overseas, the warrant magically morphs into a quasi-warrant/subpoena hybrid. But that’s ridiculous. Warrants and subpoenas have different purposes and different protections — and the DOJ wants the best of both worlds. As Microsoft itself explained in one of its legal filings:

The Government’s interpretation ignores the profound and well established differences between a warrant and a subpoena. A warrant gives the Government the power to seize evidence without notice or affording an opportunity to challenge the seizure in advance. But it requires a specific description (supported by probable cause) of the thing to be seized and the place to be searched and that place must be in the United States. A subpoena duces tecum, on the other hand, does not authorize a search and seizure of the private communications of a third party. Rather. it gives the Government the power to require a person to collect items within her possession, custody, or control, regardless of location, and bring them to court at an appointed time. It also affords the recipient an opportunity to move in advance to quash. Here, the Government wants to exploit the power of a warrant and the sweeping geographic scope of a subpoena, without having to comply with fundamental protections provided by either. There is not a shred of support in the statute or its legislative history for the proposition that Congress intended to allow the Government to mix and match like this.

This fight is far from over — and with companies like Twitter and Dropbox now trying to shift more non-US users under Irish laws, the fight with Microsoft is going to become even more important.

And, that’s not even getting into the discussion of how all of this is, effectively, driving US businesses overseas. The US’s efforts to spy on everyone is, once again, harming the US economy, rather than helping it.

Filed Under: , , , , ,
Companies: dropbox, microsoft, twitter

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Ireland Becoming The Key Spot In Fights Over Data Privacy: Both Concerning Governments And Tech Companies”

Subscribe: RSS Leave a comment
Anonymous Anonymous Coward says:


I think the question in the end will be what is more important to the government, 1. the economy, 2. the Constitution and the already existing rights iterated therein, or 3. the power that comes from ignoring both of the above and grasping for more, more, more. I think 3, and it will be some future president (not likely the next one whomever that might be because it is too near term) who will finally scream…but the economy…and slow the bureaucracy down, but not stop them.

The people, leaving out corporate persons, probably want number 2 but don’t yet understand how they are being undermined.

Corporations, number 1 hands down, and they do not care who or what they rollover to get there, until number 3 comes a-knocking at their doors.

Balance you say…ROFLMOL.

Ninja (profile) says:

If the EU backs Ireland this can get pretty interesting and bloody fast. And I think there are strong reasons for the EU to do so. The US has to be put back in its place, they don’t own the world.

I wonder what will happen if the EU weights in. Will the US Govt back off (at least publicly)? Or will they act as they own the world and push Microsoft to obey anyway? The latter would completely kill any trust left in American companies thus actively and deeply harming the US economy. I wonder if the Govt cares or if they are too blind with their power hunger…

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...