Proposed legislation unveiled Thursday seeks to undermine the Obama administration's position that any company with operations in the United States must comply with valid warrants for data, even when that data is stored on overseas servers.

The bipartisan Law Enforcement Access to Data Stored Abroad Act (LEADS Act) [PDF] comes in response to a federal judge's July decision ordering Microsoft to turn over e-mails stored on its Irish servers as part of a Department of Justice drug investigation. The Department of Justice argued that global jurisdiction is necessary in an age when "electronic communications are used extensively by criminals of all types in the United States and abroad, from fraudsters to hackers to drug dealers, in furtherance of violations of US law." New York US District Judge Loretta Preska agreed, ruling that "it is a question of control, not a question of the location of that information." The decision is stayed pending appeal.

Microsoft, along with a slew of other companies, maintains that the Obama administration's position in the case puts US tech companies into conflict with foreign data protection laws. And it fears that if the court decision stands, foreigners could lose more confidence in US companies' cloud and tech offerings, especially in the wake of the Edward Snowden revelations.

Under the new proposal by Senators Orrin Hatch (R-UT), Chris Coons (D-DE), and Dean Heller (R-NV), the US could still reach into global servers with a US search warrant, but it would be limited to obtaining Americans' data. If the US government wants a foreigner's data stored on foreign servers, it would have to follow the legal process of the nation where the servers reside.

Sen. Coons said that the US government's position in the Microsoft case "hurts our businesses’ competitiveness and costs American jobs."

Microsoft general counsel Brad Smith said the proposed legislation was a "key milestone" that would "strengthen the protection of Constitutional due process rights and limit the extraterritorial reach of search warrants." IBM echoed Smith in a statement, writing, "By introducing this legislation, Congress is taking a positive step to clarify and modernize the legal framework regarding government access to digital data."

The legislation also seeks to strengthen cloud-storage privacy laws in the US. As it now stands, a Reagan-era law allows police to get your e-mail or other cloud-stored content without a warrant, so long as it has been stored on a third-party's servers for at least six months. E-mail left on servers was considered abandoned and ripe for the government's taking, a position that has now been extended to all types of data stored in the cloud.

Adding to the complexity of the issue, a federal appeals court ruled in 2010 that warrants indeed were required for cloud content—prompting many, but not all, US service providers to demand them before releasing data to the authorities.

"Law enforcement agencies wishing to access Americans' data in the cloud ought to get a warrant,” Sen. Coons said.

Privacy advocates are less optimistic about the privacy protections of the LEADS Act, though.

Greg Nojeim, a senior attorney with the Center for Democracy & Technology, said the measure was a step forward for US respect toward data storage laws in other countries. But he worries about how well the bill's ideas would work in practice.

“Despite the bill’s strong elements, we can’t support the LEADS Act because we are concerned about how the provision authorizing long-arm warrants for the accounts of US persons would be administered, and whether we could reasonably expect reciprocity from other nations on such an approach," Nojeim said.