This is not a new case, but it has finally reached the US Supreme Court. From a pure legal jurisdictional perspective, this case has wide-ranging ramifications as can be seen by the different arguments and the likely implications on businesses depending on the outcome.
Businesses of all shapes and sources are moving towards cloud solutions to take advantage of the efficiencies these solutions provide. But as they do that, they need to ensure that they weigh any legal or regulatory requirements that also impact them.
The issues at hand in this case (i.e. the rights of US law enforcement to access this data) are just one angle. Complying with GDPR is also a pressing factor and will require detailed knowledge of the cloud environment being used - never mind the practical side of being able to efficiently retrieve data en masse, if required for legal and/or regulatory requirements.
Cloud technologies provide great benefits and efficiencies to businesses. They just should not be jumped into blindly. This case illustrates why that is the case.
In United States v. Microsoft, Deputy Solicitor General Michael Dreeben argued that...the statute focuses on domestic conduct, not privacy. “It requires disclosure in a court order by the United States of information related to United States crime and here by a United States service provider,” Dreeben argued. But Microsoft’s lawyer, E. Joshua Rosenkranz of Orrick, Herrington & Sutcliffe, said the law’s focus is on “storage” and “enhancing the security of emails that were in electronic storage.” The 1986 act, he argued, does not apply outside of U.S. territory. Some justices struggled with interpreting and applying a 1986 law to technology that Congress never foresaw when enacting it.