Comment by kixiQu
3 years ago
if anyone is curious about why that gives the govt. access:
https://en.wikipedia.org/wiki/CLOUD_Act
(God willing they repeal it, even if only for the international commerce implications...)
3 years ago
if anyone is curious about why that gives the govt. access:
https://en.wikipedia.org/wiki/CLOUD_Act
(God willing they repeal it, even if only for the international commerce implications...)
This will never be repealed. It was introduced to effectively enshrine a right US authorities have had since the PATRIOT Act was introduced 17 years prior, since that act had become politically contentious and was left to expire.
If anybody seriously thinks US authorities will quietly lose a key power after enjoying it for 21 years, I have a few bridges ready to be sold.
No one said "quietly" -- but there has to be some threshold of backlash that would knock it back. My guess is that European privacy law could combine with it to do enough impact to large American businesses that they'd use their political weight to do something, whether or not it were to improve matters from the perspective of privacy/sovereignty.
something I'm not getting here. If you buy a EU engineered IoT home appliance that has PII including, whether a user is presently inside their home, then every company I know operating in this market uses US based clouds (what other options are there LOL) to do things like digital twin or device shadows but by using a local availability zone.
So this is very different than GA, but depending on the threat-model can be worse. Also very similar metrics can be gathered from the data as from a GA cookie (are they eating, cooking, showering, watching TV).
CloudAct would (or should) in this case also apply here or what am I missing?
You're not missing anything. A lot of companies just have no idea of the legal landscape, or simply ignore it in the name of convenience. That's because consumers are even more ignorant of their rights around technology and don't sue them. It will take a lot of civil litigation for this to change.
I am only aware of Hetzner. (German) The other day I was checking out there offerings and I was amazed at how easy it is to order a vm. And then it is live the next second. It is amazing.
Obviously they don’t have full range of services the big three have. But maybe just enough anyway.
They routinely refuse new accounts if something looks fishy (to them). They don't provide extra information or even accept payment in advance.
The watchdogs are extremely slow and have a huge backlog. You’re right that storing that data in the US or without transferring ownership to an EU subsidiary would not be legal.
> what other options are there LOL
This blogpost lists a few :
https://news.ycombinator.com/item?id=27393854
Also, even if no options were available, it's not like the law would care - the illegality of it has been advertised for years...
(what other options are there LOL)
It is a hot topic, here are a few: IONOS - https://cloud.ionos.com/ Onep Telekom Cloud - https://open-telekom-cloud.com/en
But if you want to do scale in Europe you have to go for OVH: https://www.ovhcloud.com/en/
> every company I know operating in this market uses US based clouds (what other options are there LOL)
Alibaba has a sizeable cloud offering and has for years.
Presumably the Five Eyes alliance could also mean that servers in Australia, Canada, New Zealand, and the UK may also be unusable since they share intelligence information with the US.
> (God willing they repeal it, even if only for the international commerce implications...)
It's hard to express how impossible this is. It is very very strongly in the state's interest to keep powers like this. We're more likely to get communism...
This then comes down to whether you think the US govt. these past few decades is better at self-perpetuating power or toadying up to the demands of capital. Cynicism vs. cynicism!