← Back to context

Comment by DyslexicAtheist

3 years ago

something I'm not getting here. If you buy a EU engineered IoT home appliance that has PII including, whether a user is presently inside their home, then every company I know operating in this market uses US based clouds (what other options are there LOL) to do things like digital twin or device shadows but by using a local availability zone.

So this is very different than GA, but depending on the threat-model can be worse. Also very similar metrics can be gathered from the data as from a GA cookie (are they eating, cooking, showering, watching TV).

CloudAct would (or should) in this case also apply here or what am I missing?

7 comments

DyslexicAtheist

Reply
toyg  3 years ago

You're not missing anything. A lot of companies just have no idea of the legal landscape, or simply ignore it in the name of convenience. That's because consumers are even more ignorant of their rights around technology and don't sue them. It will take a lot of civil litigation for this to change.

spockz  3 years ago

I am only aware of Hetzner. (German) The other day I was checking out there offerings and I was amazed at how easy it is to order a vm. And then it is live the next second. It is amazing.

Obviously they don’t have full range of services the big three have. But maybe just enough anyway.

  • dizhn  3 years ago

    They routinely refuse new accounts if something looks fishy (to them). They don't provide extra information or even accept payment in advance.

undefinedzero  3 years ago

The watchdogs are extremely slow and have a huge backlog. You’re right that storing that data in the US or without transferring ownership to an EU subsidiary would not be legal.

AlchemistCamp  3 years ago

> every company I know operating in this market uses US based clouds (what other options are there LOL)

Alibaba has a sizeable cloud offering and has for years.