Belgian Court Fines Microsoft For Failing To Comply With Its Impossible Order
from the we-said-JUMP dept
You can’t always get what you want. But if you try sometime, you just might fine… a company for being unable to deliver on the impossible.
Belgium has fined Skype €30,000 for failing to comply with a court request to intercept users’ communications, something Skype claims was technically impossible at the time of the request.
According to Het Belang van Limburg, a Dutch-language newspaper in Belgium, the fine was delivered by the court in Mechelen because Skype had failed, in September 2012, to deliver up anything more than metadata in response to an investigation into a criminal organisation.
The court, failing to understand anything but its power to order people around, demanded that Skype turn over communications. Skype turned over the only thing it could actually obtain, explaining that its architecture didn’t support the interception of calls. No dice. That only made the court angry.
The court was no more happy to have pointed out to it that Microsoft didn’t actually fall under its jurisdiction. It maintains no data centers in Belgium, nor does it have anyone employed there. Microsoft suggested the court work with governments of countries where it actually maintains a presence and utilize their mutual assistance treaties.
None of these facts appear to have mattered. The court says Microsoft should be able to do the impossible because the law is the law.
Het Belang van Limburg quoted prosecutor Tim Hoogenbemt as saying: “Skype offers services in our country, so it needs to know the laws. And therefore know that the court may ask interception measures.”
Sometimes the law isn’t the law, though. Microsoft pointed out the law doesn’t actually apply to it since it’s a software provider, rather than a service provider.
And sometimes the law is an ass. The fine is still in place despite arguments of impossibility, illegality, and “not applicable” to the contrary. It may not stick. Microsoft is appealing the decision.
This isn’t the first time Belgian courts have overreached. Back in 2009, Belgian officials blew off perfectly workable mutual assistance treaties, demanding user information directly from Yahoo’s US headquarters. Yahoo, like Microsoft, pointed out that it has no data centers or employees in Belgium. Instead of rethinking its approach, the government took the company to criminal court. That court, like this one, decided to fine the company for doing the exact thing it was supposed to be doing: protecting its users’ privacy.
And that’s not the limit of Belgian exceptionalism. A “royal decree” from the Belgian government (which bypasses the Parliamentary approval process needed for actual legislation) forces ISPs to collect and store tons of info on their subscribers, including how many emails are sent, VoIP use (hello, Skype!), call metadata, etc. — just in case law enforcement might need it. When it was pointed out this decree violated the EU’s privacy directive, the government shrugged and called the agreement it signed “obsolete.”
Given these decisions, it’s not even useful advice to suggest just not doing business in Belgium. It quite obviously doesn’t matter to the courts where the data or communications they’re seeking are actually located.