Microsoft has admitted that it will hand over data to the U.S. government, if properly requested, even if that data is stored somewhere other than the U.S.
The issue, according to ZDNet’s Zack Whittaker, is that because Microsoft is a U.S. company it has to comply with the Patriot Act, and that means handing over data that may be offshore. The same rules would apply to Amazon Web Services and any other U.S. based cloud provider that has servers overseas.
The admission came during the Office 365 launch. According to Whittaker, Managing Director of Microsoft UK fielded a question about whether Microsoft could guarantee that data stored in the European Union would stay in the EU, even if it was requested by the U.S. government under the Patriot Act. Whittaker said Microsoft could not make that guarantee.
“Any data which is housed, stored or processed by a company, which is a U.S. based company or is wholly owned by a U.S. parent company, is vulnerable to interception and inspection by U.S. authorities,” writes Whittaker. “While it has been suspected for some time, this is the first time Microsoft, or any other company, has given this answer.”
Last week the FBI seized a server from Instapaper during an unrelated raid on colocation provider DigitalOne. Now Microsoft has made it clear that data housed in other countries might be subject to the same treatment.