Microsoft had said the warrant could not reach emails on the Dublin server because U.S. law did not apply there.
The Redmond, Washington-based company also said enforcing the warrant could spark a global “free-for-all,” where law enforcement authorities elsewhere might seize emails belonging to Americans and stored in the United States.
Federal prosecutors countered that quashing warrants such as Microsoft’s would impede their own law enforcement efforts.
But Judge Carney said limiting the reach of warrants serves “the interest of comity” that normally governs cross-border criminal investigations.
She said that comity is also reflected in treaties between the United States and all European Union countries, including Ireland, to assist each other in such probes.
Some law enforcement officials have said obtaining such assistance can, nonetheless, be cumbersome and time-consuming.
The Justice Department is working on a bilateral plan to streamline how U.S. and British authorities request data from companies in each other’s country.
A bipartisan bill was introduced in the U.S. Senate in May to clarify when and where law enforcement may access electronic communications of U.S. citizens.
Circuit Judge Gerard Lynch, who concurred in the judgment, urged Congress to modernize the “badly outdated” 1986 law to strike a better balance between law enforcement needs and users’ privacy interests and expectations.
Lynch said the law, as it stands now, lets Microsoft thwart an otherwise justified demand to turn over emails by the “simple expedient” of choosing to store them outside the United States.
“I concur in the result, but without any illusion that the result should even be regarded as a rational policy outcome, let alone celebrated as a milestone in protecting privacy,” he wrote.
The case is In re: Warrant to Search a Certain E-Mail Account Controlled and Maintained by Microsoft Corp, 2ndU.S. Circuit Court of Appeals, No. 14-2985.