What does a search warrant for an email get you? It doesn’t get you an email — an email isn’t a physical object. What it gets you is access to the server where the email “lives.” Does it matter, then, where the server is located? Are some servers, and the emails in them, outside the reach of U.S. law?

Those are the hard questions confronting the 2nd U.S. Circuit Court of Appeals in United States v. Microsoft Corp. As arcane as it may sound, the case has a great deal to tell us about the tech sector’s views on privacy and surveillance — and about the ways the landscape of privacy law may be about to change irrevocably.

In December 2013, federal agents conducting a drug investigation issued a warrant to Microsoft: Turn over emails from an Outlook account belonging to a suspect. Microsoft refused: The emails weren’t within U.S. jurisdiction, because the server farm hosting them was housed in Dublin. A magistrate judge and a federal district court both ordered the company to give up the emails. Both times, Microsoft refused and appealed.

The company’s argument is simple: The search warrant is illegal because American warrants are unenforceable outside American borders. Courts have long presumed that federal statutes — including the Electronic Communications Privacy Act, the law in question here — do not apply outside the United States unless Congress explicitly dictates they do. In the view of Microsoft’s lawyers, the “ECPA’s text and history show Congress believed the law would only apply domestically.”

By Microsoft’s reckoning, it is Irish law, not American law, that governs the emails in question. If the U.S. government does indeed require the emails, it must go through the Irish government, using well-established protocols and bilateral instruments. The U.S. government, Microsoft argues in its appeal, would expect the same treatment from a foreign government: “The Golden Rule applies as much to international relations as to other human relations. If the Government prevails here, the United States will have no ground to complain when foreign agents — be they friend or foe — raid Microsoft offices in their jurisdictions and order them to download U.S. citizens’ private emails from computers located in this country.”

Here, as in all things, context matters. What context? The prior years’ troubling revelations regarding National Security Agency surveillance. The PRISM data mining program. Edward Snowden’s disclosures. Take your pick. What they add up to is a picture of a U.S. government run amok surveilling and spying — an image that threatens real damage to the interests of tech companies, whether or not they were complicit in the spying.

“A perception exists in foreign countries that your data is only a heartbeat away from being given to U.S. law enforcement,” Jennifer Archie, a partner with law firm Latham & Watkins, told the Christian Science Monitor.

So for Microsoft and its tech allies, this case is only partly a struggle over the specifics of the ECPA and U.S. jurisdiction. Microsoft’s position is really a shrewd piece of international marketing: reassuring foreign clients and customers that their information is safe from Big Brother’s prying eyes. That is perhaps why Microsoft General Counsel Brad Smith considers the outcome of the case “fundamental to the future of global technology.” And why Microsoft enlisted the support of tech heavyweights last week to file amicus briefs in defense of its position. Apple, Amazon and eBay joined 25 other technology and media companies and 23 trade associations and advocacy organizations in standing with Microsoft and against the government.

For the government, on the other hand, the case is about the shortest line between the information it needs and the servers that hold it. The bottom line, from the feds’ perspective, is that the emails in question were sent by an American, and that the servers housing them belong to an American company subject to American laws — an area covered by the Stored Communications Act, which the government argues gives it the right to retrieve the information it needs. Emails in the cloud are not gold bars in Swiss bank accounts: Wherever the data are stored, the service provider owns the information and can disclose it. Going through the Irish government would undeniably add time, effort and expense to an already complicated case, setting a precedent that would make future prosecutions more difficult.

Whatever the outcome of the appellate case, it is likely that it will go all the way to the Supreme Court, and that Congress will be forced to revisit both the ECPA and the SCA. It’s too soon to predict the outcome of this legal wrangling. But it’s frightening that our government is openly staking a claim to data anywhere in the world. It’s equally frightening that the tech companies that have emerged here as the protectors of privacy have been just as willing to abuse and monetize user data when it suits their own interests. Scariest of all, this conflict, as consequential as it is for the future of privacy, is taking place largely below the radar and out of sight.