Microsoft has been battling the USA over access to data for some time now. And the other big internet companies are backing it too. The USA wants to be able to access data held by Microsoft overseas. Microsoft claims that it does not have to hand it over on request – and that consumer and customer privacy concerns mean it would be a bad idea anyway.
The case has been going though the courts for some time. But it raises some profound questions about the power of companies and the power of the state in the internet age. At the moment most of the law applicable to companies is national law and most national law applies to ‘persons’ subject to the relevant nation state (although sometimes the jurisdiction of the courts is extended to crimes committed overseas). And companies are considered persons before the law.
Now while multinational companies certainly present as a monolithic presence, in fact in order to operate in a different country, it is necessary to set up a separate company registered in that country and subject to its laws. For commercial purposes this doesn’t matter much, since the country where the group is headquartered will own the overseas company and is therefore able to control it.
Companies like to play this both ways. As far as profits are concerned, they may be extracted by HQ as desired, but where a crime or environmental or human rights harm has been perpetrated, the overseas company is assigned responsibility. In this they are helped by the doctrine of the ‘corporate veil’ by which shareholders (including organisational shareholder) are not liable for the acts of their company.
So while we may now be seeing corporate acts through a glass darkly, it is possible that the Microsoft case may lift the obscuring veil. Of course, that would still leave the arguments about privacy. But those should be tackled on the basis of privacy issues, not of general corporate responsibility.