US orders diplomats to fight data sovereignty initiatives
reuters.com384 points by colinhb 8 hours ago
384 points by colinhb 8 hours ago
It's not even just data stored on US servers. According to the CLOUD Act, any data stored by a US company, regardless of location, can be demanded by any authority in the US.
No sovereign nation should use US companies for data storage or processing. Period.
The attempts to shift to open source or non-US services are inevitably hobbled by US companies lobbying (read: bribing) politicians.
> No sovereign nation should use US companies for data storage or processing. Period.
So what is Europe supposed to do just stop pretending to be sovereign?
We are pivoting out of a huge number of US services at my job. I think windows, Google, PaloAltoNetworks and Aws will be the last we leave, but infoblox is out next year (that's part of my job right now), and old Cisco hardware will stop being replaced by new Cisco hardware in 6 months.
Palo is starting to require telemetry that sends realtime data on rulebase and hitcount from every firewall to increase support effectiveness.
Similarly, in the 2000s, the US pushed back against the development of Galileo and preferred that Europe continue relying on GPS. That created tensions between the US and the EU.
Fighting data sovereignty is a losing battle for the US: data are too strategic to outsource, even to allies.
[0] https://en.wikipedia.org/wiki/Galileo_(satellite_navigation)
I can’t imagine how any country would think the US is trustworthy enough to be the place where everyone stores their data. If companies cannot comply with data sovereignty laws then they shouldn’t exist at all. Personally, even as a US citizen, I’m hoping tech companies in Europe and Asia become independent enough to no longer be beholden to US interests. It’s clear that the era where any one country has global hegemony should end.
I do not trust anyone with my data. This is just my preference but every year I move further and further away from using the internet for anything other than making comments on this site and watching a few vloggers. In a few years I will not have more than 3 to 5 logins on anything and those will be value add and must be within driving distance. All critical services I use will require walking into a building in person.
If I could find a reputable construction company to build my underground home I would be a true troglodyte.
> If I could find a reputable construction company to build my underground home I would be a true troglodyte
If you have the resources you could always buy an existing underground structure and renovate. Like a missile silo. Or buy an already renovated one:
https://washingtonmissilebase.com/
I imagine upkeep is pretty expensive, probably needs a lot of HVAC, dehumidifying, pumping, etc to keep you from dying due to weird mold and stuff lol
I looked at many of those. Plenty of people are indeed upgrading silos. I looked at the cost to repair and overhaul these facilities but it would be just a little more to do it right on my property with high performance high pressure concrete and do it right in a place outside of the nuclear sponge. Only challenge is getting the right people up here but I will not give up on the idea.
> I do not trust anyone with my data.
Then why give it up in the first place? "Because you have to" is probably going to be the argument, but I don't buy that.
I'm glad you agree. It will take more than you or I to put a stop to this for people not yet on the internet but I will ask the US government to help.
Usually, when you want to have people not know who built what, you use an LLC.
THEN the LLC hires the subcontractors in stages without them knowing about each other.
Youd take about 5 years, but itd be about as secure as you could be if you lost trust in soceity.
It’s a trope in survivalist fiction. The contractors hired to build a bunker are often the first to attempt a breach once a crisis hits.
Yes, everyone who works on the bunker will know about it; and all these billionaires are trying to build their survivalist camps but dont actually consider any of the easily/practically broken parts of society they implicitly rely on.
Realistically, society we know it won't survive if it dwindles to beneath a couple of millions.
It seems to me that major US cloud companies are using politics to try to get more value from non-US data, which I believe will push the EU (and others) to accelerate the move to their own alternatives. This is another move that seems to sacrifice longer-term trust (and profits) to boost near-term profits.
Depends how much compromising information they already have access to on the politicians concerned :-)
Please don't stop us having access to your information, else we will destroy you with the information we already hold :-)
I can’t imagine such a thing either, but here in Europe plenty of organisations continue planning on increasing their reliance and lock-in on American tech corps.
Which is perfectly fine (albeit perhaps stupid, I agree) for private enterprise. It's the public ones that need to shift first and foremost.
I'm a US citizen and I hope more of the world decouples because I think a lot of our issues are due to a lack of competition.
Even as a US citizen ... I have started to decouple from US business that hold my data.
Same. I don't trust the US as much as the rest of the world does not trust them. They want control with little to offer for it. My data and compute is safer offshore at this time.
Control is one part of it. The other concerning part is leaks and sharing it with third parties.
But we have our own issues outside of the US.
They reality is the average person is between a rock and a hard place.
Major US tech businesses are making money with analytics/ads though, so they would never roll out end-to-end encryption in a serious way. At least outside the US, a lot of E2E-encrypted services are popping up (Proton, Zeitkapsl, etc.).
I don't trust the small number of E2E US services at all. E.g., some of the companies that were/are in PRISM seem to have very convenient 'accidental' backdoors. E.g. WhatsApp doing backups on Google Drive without encryption by default on Android or Apple doing iCloud backups of iMessage that are not E2E encrypted unless you enable ADP. And even if you are wise enough to enable E2E in both cases, most people that you communicate with don't, because they use the defaults, so it's game over anyway.
I mean Europe just fundamentally doesn't think privacy should apply to the government.
On the other hand Apple can no longer off ADP in the UK.[0]
That some businesses are not trustworthy seems less a concern for me, than that many governments would like to make all business insecure by design.
In the EU, we have been fighting a bitter battle against Chat Control X.Y for some time now.
That won't change until Ursula von der Leyen goes. Her nickname in Germany (since 2009) is Zensursula, because she attempted to build a pan-German firewall.
She failed in Germany, but she may yet succeed in the entire EU.
This. When I look at why my life sucks and is on hard difficulty mode, it's not because I use US tech instead of EU tech. Most people and companies have bigger economic challenges right now trying to keep the lights on, than data sovereignty and domestic alternatives. My company just had a 3rd round of layoffs and its wasn't due to lack of EU SW.
The lack of data sovereignty does have large geopolitical consequences though. Without data sovereignty of EU government services and businesses, the US can blackmail EU continuously or even worse, in the case of e.g. a conflict over Greenland, cause chaos by turning off access to US tech. So for the EU, tech sovereignty is a matter of life and death.
Also, a lot of crap in Western countries is caused by tech broligarchs enriching themselves in favor of workers en destroying democracy for tech feudalism. So if we can bring down their sales Tesla-style, I'm all in for it.
>Also, a lot of crap in Western countries is caused by tech broligarchs enriching themselves in favor of workers en destroying democracy for tech feudalism.
Not true. The reason my Col is off the charts, salary low and housing unaffordable is due to EU central bank printing too much money leaving us holding the bags, government's zoning laws making housing expensive and them importing millions of immigrants despite record unemployment numbers to put downward pressure on wages and upward pressure on housing. None of this is done by US tech bros, it's all done by EU rulers and elites.
US tech bros is an orthogonal issue that distracts from the core issues.
The quantity theory of money is trivially shown to be nonsense just by considering what happens to savings (i.e. nothing). You need to up your analysis if you want to truly understand.
What happened to savings in Zimbabwe when they printed trillions of dollars? Did that do anything to what those savings would buy?
Here is a discussion of Zimbabwe more complete that I'm likely to write in a comment on HN: https://billmitchell.org/blog/?p=3773
You've made accusations but have not brought arguments to support that my take on EU leaders and elites being the ones fucking us, our CoL and purchasing power, is wrong.
And savings absolutely did eventually get obliterated by excessive Covid money printing, what are you on about?
I've not made any accusations, nor do I think that the elites are not to blame. I said that "money printing" is not the problem here. The reason it's not the problem is because the quantity of money simply reflects savings. By focussing on "money printing", you're missing the actual problems. Arguably, that's the point, since the elite tend to do well when money is considered a scarce commodity.
Sure, spending might cause inflationary effects, but that's orthogonal to quantity (flows not stocks), but then economics is the science of confusing stocks with flows.