This story has been going on for some time now, but I thought that while not directly related to Green Rocket Security, it is important to point out. The US government has taken Microsoft to court again, though this time not for monopoly, but to compel them to provide emails stored on a server in Ireland. The point I want to make here isn’t strictly about security, but about compliance and privacy. For companies that sell globally, or even more important, store information about global customers, being in compliance with privacy statutes for the countries where the customer lives is not just critical, but extremely complex. As privacy regulations vary, sometimes wildly, from country to country, it is tough to always maintain consistency, and when a single country, such as the US government, tries to force their regulations on your data, you can be caught in a mess.
In this case, Microsoft is stating that the email is subject to protections in Ireland (which follows the EU privacy regulations which are very strict) while the US government is saying that since it is just “data”, they, as a US company, can just search for it without ever going to Ireland, and as such must hand it over, Irish laws be damned (my wording). Thankfully, Microsoft has very deep pockets to fight this one for us. The post I linked to points out a very good scenario that I feel the US government wouldn’t like very much were a foreign company allowed to search for data on a US citizen that happened to be held by a company of that foreign country.
The US government has lately shown that it is not always as benevolent as we would hope in its dealings on the Internet, and it seems certain that a ruling against Microsoft would have serious repercussions for US dominance of the Cloud.
So, say a thank you to Microsoft for this one. You may not like them, you may not use them, but in this particular case, they are fighting for us, and we should acknowledge as much.