Re: Sloppy corporate structure. Sloppy security. Sloppy access rights
"I'm pretty sure no-one in the US has access. But, as the district judge has realised, they can give orders to the people that do, even if they are under European data protection laws"
If nobody in the US had access I don't think there'd be a problem: Judge orders MS/US to pass on the orders. MS/US passes on the orders. MS/IE says "Got the orders. Sorry, can't follow them, local legislation forbids.". MS/US tells judge they passed on the orders but they were countermanded outside their (MS/US's) remit.