Few people are as widely cited as Orin Kerr when it comes to the Stored Communications Act, so in the Microsoft search warrant case it’s nice to have him as an ally – even (or perhaps especially) an ally who came to our side a bit reluctantly.
Earlier, I posted my response to Orin’s first two blog posts about the Microsoft case, pointing out where we agreed and disagreed. Orin has now “Fisked” my response (dissecting it and replying point by point), but try as he might, he can’t wriggle free of our embrace. I won’t belabor the points on which we differ, but will just emphasize two key points of agreement.
First, Orin agrees that a government seizure of the emails would occur when Microsoft copied them in Ireland. This is a critical point, because the government contends that the statute would not be applying extraterritorially since no search or seizure would be occurring outside the United States. In the government’s view, “The warrant is served upon the provider here; the provider must produce its records to a law enforcement agent here; and if the provider fails to do so, the provider is subject to court sanction imposed here. There is no extraterritorial application of domestic law under these circumstances.” But if, as Orin acknowledges, a seizure would occur outside the US at the moment Microsoft copied the emails in Ireland in order to comply with the warrant, then the government’s argument that no relevant action would take place outside the United States falls to pieces.
In his latest post, Orin seems to walk back from his earlier acknowledgment that a seizure would occur in Ireland. He asserts now that a “Fourth Amendment seizure” would occur only if “the target is a US person with Fourth Amendment rights”—something we don’t yet know. But this misses the point. The question here is not whether the seizure would violate someone’s Fourth Amendment rights. The relevant issue is whether the warrant is directing that an action take place outside the United States. Orin agrees that it is. Since the warrant is indeed directing that an action take place outside the United States, then the government is clearly seeking to have the SCA apply extraterritorially.
The US government stands alone, then, in thinking that nothing relevant would be occurring on Irish soil. Certainly the European Union, the Irish government, and the owner of the email account would all agree with Orin and Microsoft (and Verizon and the Electronic Frontier Foundation) that the warrant is directing that action take place in Ireland.
Here’s an analogy: Imagine that the government wanted to obtain the contents of a file cabinet located in back of an office building in Mexico. Instead of asking the Mexican authorities to seize and transfer the files to the US, or sending in a team of DEA agents under cover of night to steal the files and bring them home, the government decided on a third way: hiring a drone operator in Texas to send a drone over the border into Mexico, where the plane deployed a mechanical arm to lift up the cabinet and bring the files back to Texas for examination. Would anyone seriously contend that no seizure took place in Mexico, just because the drone was operated by a person sitting in Texas and the files weren’t examined until they were in Texas? I doubt it. The answer shouldn’t be any different here just because the relevant evidence is in electronic form. The evidence still has a physical location, and it has to be taken from that location and brought back to the US.
Second, Orin agrees that “the current version of Rule 41” does not “authorize warrants for searches abroad” except in rare and irrelevant circumstances (involving US diplomatic posts and the like). That shouldn’t be surprising, given the plain language of the Rule and ample precedent saying that Rule 41 doesn’t authorize warrants for searches or seizures abroad. So that brings us back to the question of whether the SCA clearly authorizes warrants for searches and seizures abroad, and, as I noted in my earlier post, Orin agrees that it does not.
Finally, one other point is worth mentioning. Orin originally argued that if Microsoft won this case, the government could turn around and simply use a subpoena to get the same emails, under the Bank of Nova Scotia line of cases holding that grand jury subpoenas can be used to obtain company records held abroad. This, he suggested, would result in less privacy protection for Microsoft’s subscribers than requiring the government to establish probable cause and get a warrant from a judge. In response to my argument that it seemed unlikely that the government would or could use a subpoena to get a person’s emails abroad (which are in no sense Microsoft’s own business records), Orin now takes a new tack. He suggests that the government could, instead of obtaining just a search warrant, use “a combined subpoena and warrant”—“(1) a grand jury subpoena ordering the provider to transport a copy of the emails to the grand jury inside the US together with (2) a warrant ordering the provider to disclose the emails to investigators.” This is an interesting idea, but it doesn’t change the fact that the government has apparently never sought to use a subpoena to force a company to bring back into the US anything other than its own business records, and there’s no authority indicating that it could do so.
Moreover, even if it were viable, Orin’s alternative approach would actually provide more privacy protection than what the government is currently trying to do, not less. For it would require the government both to use a subpoena—which would require passing the Bank of Nova Scotia balancing test where production would violate foreign law—and to obtain a warrant from a judge, after proving probable cause. That’s what some might call a “belt and suspenders” approach.
Metaphors aside, ultimately this case is one of statutory interpretation. Did Congress clearly express an intent that the SCA permit the government to use a warrant to obtain emails located outside the US? The litigants and the bloggers have had their say. Now it’s up to the courts.