• At Kemp Little, we are known for our ability to serve the very particular needs of a large but diverse technology client base. Our hands-on industry know-how makes us a good fit with many of the world's biggest technology and digital media businesses, yet means we are equally relevant to companies with a technology bias, in sectors such as professional services, financial services, retail, travel and healthcare.
  • Kemp Little specialises in the technology and digital media sectors and provides a range of legal services that are crucial to fast-moving, innovative businesses.Our blend of sector awareness, technical excellence and responsiveness, means we are regularly ranked as a leading firm by directories such as Legal 500, Chambers and PLC Which Lawyer. Our practice areas cover a wide range of legal issues and advice.
  • Our Commercial Technology team has established itself as one of the strongest in the UK. We are ranked in Legal 500, Chambers & Partners and PLC Which Lawyer, with four of our partners recommended.
  • Our team provides practical and commercial advice founded on years of experience and technical know-how to technology and digital media companies that need to be alert to the rules and regulations of competition law.
  • Our Corporate Practice has a reputation for delivering sound legal advice, backed up with extensive industry experience and credentials, to get the best results from technology and digital media transactions.
  • In the fast-changing world of employment law our clients need practical, commercial and cost-effective advice. They get this from our team of employment law professionals.
  • Our team of leading IP advisors deliver cost-effective, strategic and commercial advice to ensure that your IP assets are protected and leveraged to add real value to your business.
  • Our litigation practice advises on all aspects of dispute resolution, with a particular focus on ownership, exploitation and infringement of intellectual property rights and commercial disputes in the technology sector.
  • We have an industry-leading reputation for our outsourcing expertise. Our professionals deliver credible legal advice to providers and acquirers of IT and business process outsourcing (BPO) services.
  • We work alongside companies, many with disruptive technologies, that seek funding, as well as with the venture capital firms, institutional investors and corporate ventures that want to invest in exciting business opportunities.
  • Our regulatory specialists work alongside Kemp Little’s corporate and commercial professionals to help meet their compliance obligations.
  • With a service that is commercial and responsive to our clients’ needs, you will find our tax advice easy to understand, cost-effective and geared towards maximising your tax benefits.
  • At Kemp Little, we advise clients in diverse sectors where technology is fundamental to the ongoing success of their businesses.They include companies that provide technology as a service and businesses where the use of technology is key to their business model, enabling them to bring their product or service to market.
  • We bring our commercial understanding of digital business models, our legal expertise and our reputation for delivering high quality, cost-effective services to this dynamic sector.
  • Acting for market leaders and market changers within the media industry, we combine in-depth knowledge of the structural technology that underpins content delivery and the impact of digitisation on the rights of producers and consumers.
  • We understand the risks facing this sector and work with our clients to conquer those challenges. Testimony to our success is the continued growth in our team of professionals and the clients we serve.
  • We advise at the forefront of the technological intersection between life sciences and healthcare. We advise leading technology and data analytics providers, healthcare institutions as well as manufacturers of medical devices, pharmaceuticals and biotechnological products.
  • For clients operating in the online sector, our teams are structured to meet their commercial, financing, M&A, competition and regulatory, employment and intellectual property legal needs.
  • Our focus on technology makes us especially well positioned to give advice on the legal aspects of digital marketing. We advise on high-profile, multi-channel, cross-border cases and on highly complex campaigns.
  • The mobile and telecoms sector is fast changing and hugely dependent on technology advances. We help mobile and wireless and fixed telecoms clients to tackle the legal challenges that this evolving sector presents.
  • Whether ERP, Linux or Windows; software or infrastructure as a service in the cloud, in a virtualised environment, or as a mobile or service-oriented architecture, we have the experience to resolve legal issues across the spectrum of commercial computer platforms.
  • Our clients trust us to apply our solutions and know-how to help them make the best use of technology in structuring deals, mitigating key risks to their businesses and in achieving their commercial objectives.
  • We have extensive experience of advising customers and suppliers in the retail sector on technology development, licensing and supply projects, and in advising on all aspects of procurement and online operations.
  • Our legal professionals work alongside social media providers and users in relation to the commercial, privacy, data, advertising, intellectual property, employment and corporate issues that arise in this dynamic sector.
  • Our years of working alongside diverse software clients have given us an in-depth understanding of the dynamics of the software marketplace, market practice and alternative negotiating strategies.
  • Working with direct providers of travel services, including aggregators, facilitators and suppliers of transport and technology, our team has developed a unique specialist knowledge of the sector
  • Your life as an entrepreneur is full of daily challenges as you seek to grow your business. One of the key strengths of our firm is that we understand these challenges.
  • Kemp Little is trusted by some of the world’s leading luxury brands and some of the most innovative e-commerce retailers changing the face of the industry.
  • HR Bytes is an exclusive, comprehensive, online service that will provide you with a wide range of practical, insightful and current employment law information. HR Bytes members get priority booking for events, key insight and a range of employment materials for free.
  • FlightDeck is our portal designed especially with start-up and emerging technology businesses in mind to help you get your business up and running in the right way. We provide a free pack of all the things no-one tells you and things they don’t give away to get you started.

United States v Microsoft - how private is your cloud?

For a number of years, one of the most hotly debated topics involving cloud computing has been around the security, confidentiality and integrity of the data that is being in-putted and stored in the cloud. This being the case, customer focus is often targeted at the measures the cloud provider will implement to ensure data is being held securely. One aspect which is sometimes overlooked however, is the extent to which data that is stored in the cloud is capable of being forcibly disclosed to government and law enforcement agencies.

The USA PATRIOT Act[1], for example, allows for US governmental surveillance and capture of certain types of data. The USA PATRIOT ACT is just one example of the latest evolution of long standing laws that has permitted various forms of governmental access to personal data and communications in the context of national security and law enforcement. These types of powers are not just confined the US and are becoming increasingly commonplace across the globe – the UK for example has similar types of legislation in the form of the Regulation of Investigatory Powers Act 2000 (RIPA) and more recently the controversial Data Retention and Investigatory Powers Act 2014 (DRIPA). While the extent of these powers do vary between countries, this raises the primary question as to whether the jurisdiction in which data is hosted by cloud providers is the only jurisdiction which can forcibly require the disclosure of that data?

Microsoft has currently been involved in this very question. In January 2014, Microsoft announced that in response to customer concerns over governmental surveillance in the US, it would let its non-US customers choose where their data is hosted, right down to the location of the data centre(s) used[2].

Shortly before this announcement, in December 2013 a warrant was issued by a magistrate judge of the Southern District of New York following an application on behalf of the United States government under the Stored Communications Act[3] (“SCA”).  The warrant authorised the disclosure of data related to a web-based email account that hosted by Microsoft in Dublin, Ireland. 

Microsoft partially appealed the issuing of this warrant to the extent it related to data stored on servers located outside of the United States. However, in April 2014 Judge James C Francis IV denied Microsoft’s motion to set aside the warrant[4].  While the reasoning for the decision was varied, the core theme throughout was concern from the Judge that if the court agreed with Microsoft, US based service providers could circumvent and severely hinder US law enforcement investigations, by simply moving data offshore (and the Judge cited Google’s publicised proposal to create data centres in international waters as an example as to why he could not allow Microsoft’s motion). The Judge concluded:

“…Even when applied to information that is stored in servers abroad, an SCA Warrant does not violate the presumption against extraterritorial application of American law. Accordingly, Microsoft's motion to quash in part the warrant at issue is denied…

Microsoft challenged this decision, and was supported by a number of other technology companies that filed briefs in support of Microsoft's position, including AT&T Inc, Apple Inc, Cisco Systems Inc and Verizon Communications Inc. The essence of these arguments were that the courts of one country cannot exercise their power unilaterally outside of their territorial jurisdiction, and where they wish to do so, they must follow established international agreements involving the jurisdiction in question, known as Mutual Legal Assistance Treaties or MLATs. If internationally operating US businesses complied with these types of orders, they would breach foreign data protection laws, and refusing to comply would breach domestic US law, placing these businesses in an impossible position.  

On 31st July, the US District Judge Loretta Preska nonetheless rejected these arguments and found in favour of the US government, upholding the warrant. The Judge found that:

“…Congress intended…for ISPs to produce information under their control, albeit stored abroad to law enforcement in the United States […]. As Judge Francis found, it is a question of control, not a question of the location of that information …”

Following this hearing, Microsoft was provided 5 days to hand over the emails as per the original order or face being in contempt of a court order. Microsoft announced shortly after the hearing that it would not be complying with the court order. Microsoft's Executive Vice President and General Counsel Brad Smith, continued: "…The only issue that was certain this morning was that the District Court’s decision would not represent the final step in this process. We will appeal promptly and continue to advocate that people’s email deserves strong privacy protection in the U.S. and around the world…."[5] 

Microsoft’s resistance to the warrant and court orders clearly and openly demonstrate the importance of this topic.  Customer concerns about data location, security, access and integrity are genuine and have the impact to make or destroy a cloud business.  These were always key discussion points for the cloud but the last 18 months of news stories regarding government surveillance have heightened the awareness and importance. Despite these concerns, governments across the globe recognise that while surveillance is not popular, it is critical in the interests of national security and the continuing efforts to combat terrorism. For both these reasons, it seems likely that neither Microsoft nor the US government will back down and that this court battle will be appealed to the highest level before a resolution is achieved. Governments, providers of cloud services and users of cloud services will all be watching the outcome of this closely.  

For further information contact Edwin Baker

 

 

[1] Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act (“USA PATRIOT Act”) of 2001 Pub. L. No. 107-56, 115 Stat. 272 (2001).

[3] codified at 18 U.S.C. §§ 2701-2712