Our website uses cookies to give you the best experience and for us to analyse our site usage. If you continue to use our site, we will take it you are OK about this. Click on More for information about the cookies on our site and what you can do to opt out.

We respect your Do Not Track preference.

The New Zealand Privacy Commissioner has filed a submission in the United States Supreme Court in a case concerning the execution of a US search warrant to access information held in servers outside the United States. 

This case potentially has significant implications, including for individuals and companies in New Zealand, as in other countries. It could also have a wider and longer term impact on how data protection law is interpreted, applied and developed.

The case on appeal, United States v Microsoft, concerns a search warrant granted by a US Federal Court under the Stored Communications Act 1986 for the US government to access the private email of an individual (suspected of drug trafficking) and other data held by Microsoft in an Irish data centre.

The appeal has been brought because the US government wants to rely upon US domestic search warrant legislation to access the data, rather than making a mutual assistance request to the Irish government.

The New Zealand Privacy Commissioner John Edwards has submitted that the US Supreme Court should uphold the principle against extraterritorial application of legislation. That principle is well-established in the US and is recognised in New Zealand and international law. In the judgment under appeal, the US Court of Appeals for the Second Circuit relied upon the longstanding principle that legislation does not, in general, extend into the territory of another country. The US government has appealed that decision to the Supreme Court on the ground that because Microsoft is able to retrieve the data from within the US, there is no question of extraterritorial application.

Mr Edwards also submitted that should a search warrant be executed by the US government in respect of data held within New Zealand, this would likely breach New Zealand law, but he notes that data can be obtained across national borders by mutual assistance requests and related agreements, thereby complying with New Zealand privacy law and related protections. For example, New Zealand mutual assistance legislation provides protections where information is requested in an overseas case that might result in the imposition of the death penalty. A wide interpretation of the US legislation would circumvent that protection.

Mr Edwards submits the Supreme Court should continue to be guided by these longstanding legal principles that allow for cooperation for law enforcement access to information as well as cross-border exchanges of information and ICT more broadly – while ensuring data-holding entities like Microsoft are not saddled with conflicting legal obligations.  Noting these legal principles are critical to advancing the increasingly important objectives of cooperative criminal enforcement and respect for each jurisdiction’s laws, especially as the US, NZ and other countries work together to respond effectively to the growing challenges of transnational crime and related threats.

The Privacy Commissioner's written submission has been made under US Supreme Court procedure, which permits third parties - including those outside the US - to make submissions where an appeal will or may affect that third party's interest.

The appeal is to be heard by the US Supreme Court in 2018. The Privacy Commissioner's brief is available here along with those filed by other parties. It now available from our office here.

For more information, contact Charles Mabbett on 021 509 735.