Comment by stickfigure
1 year ago
The future of this is that international companies need to pick a single jurisdiction, keep their servers and employees there, fight extradition requests, and leave it up to other countries to try to block their own citizens from access.
I always thought Gibson's concept of "data havens" was kind of silly; data doesn't care where it lives, why would it matter where it's physically located? But apparently he was a bit more prescient than I originally gave him credit for.
That philosophy will often fail if you need to handle payments or advertising or sale, etc. once you reach a certain scale.
Because consumers and advertising partners want to pay in the local currency, using local means of payment, which are often only available with a business bank account available only to locally registered businesses.
And then things like salespeople on the ground who can visit advertisers' offices, go to conventions, etc.
If you want to actually be a viable business in a particular country at a large scale, it often becomes impossible to avoid having to incorporate there and hire people locally, even if your actual product is entirely digital.
It also doesn't help if your customers can neither legally pay you nor account your invoices as costs for the tax purposes.
Yeah, so that means, China is doing it right with Weibo and Douyin. It's Twitter and Instagram respectively but built top to bottom for full Chinese ideological, legal, and financial conformance. I used to think that's weird, but it could be where we're headed.
Countries can do more than just try to block network traffic. No legal presence in our jurisdiction, no business in our country.
It's much easier to block local advertisers' money going to such companies.
Is it? Ad networks are often multilayered and opaque.
Ad networks are also sure as hell not going to cover for anyone, either. If a client is causing them legal issues they're just going to drop them.
I was thinking exactly at this. I think a block of ads would hurt even more X than a total-block of X.
If you block X, you block obviously ads, but you also block local traffic to the website.
If you just block ads, and the traffic continues, you are actually losing even more money.
Sure, Musk could just implement crypto on X, but I think it would still be very effective.
Many jurisdictions, including EU, China, and others, require data on their citizens to be hosted locally.
But that only applies to companies that the EU has any kind of control over.
If you're in a hypothetical country that the EU has no relevant treaties with, the EU has no power over you. They might claim that EU laws are extraterritorial and affect everybody who dares to appear on the internet without blocking EU citizens, but that claim can't be enforced in such a country.
At what scale do I need to worry about this? If I make an app and don’t want to comply but I live in the US, do I open myself up to extradition if I have users in the EU?
6 replies →
Sure the EU can; the EU can block any payments leaving the EU going toward a legally non-compliant entity (company, country, etc) if they wish.
2 replies →
Then it would be up to those countries to block traffic to said social media companies. This is what china already does.
Not just block traffic, but also any payments.
And that’s the way it *should* be.
When Steven Harper unilaterally attempted to empower private data to be offshored, it would have been an absolute nightmare.
North American security is bad enough as it is. Imagine handing all your health, credit card, government information over to a Nigerian prince just for free.
what would happen if a US company, with US servers, ignored those requirements?
It would blocked in the EU.
Also the company could be asked to forbid EU customer to access the product. Wouldn’t be a big threat but it would prevent the company to do any futur business in Europe.
Tech savvy customer could still access the product but that is not a market as big as every EU potential customer.
21 replies →
The EU does not require data to be hosted locally, though.
As far as I know, they do. That’s part of their consumer data protection act (didn’t remember the exact name).
Do you have any source for that ? it would n’a quite helpful, honestly.
2 replies →
I'm not sure about Chinese law, or any other law, but GDPR for sure does not require that. The fact that the US is not an option doesn't mean you cannot store data in any other country, just that the safe harbour and then the privacy shield were considered inadequate. For example, storing personal data in the UK is just fine.
I don't disagree with keeping staff within safe regions. There are some issues surrounding that, as some regions require local representation.
Modern services, including Twitter, have the ability to geofence content/compliance policy to specific regions. Search, Social Media, Maps and News are examples of typical services which engage such techniques. So there's not a lot of reason why Twitter couldn't comply here, since they already have already demonstrated this capability.
Twitter's non-compliance will likely just end up with a ban.
The future is actually the opposite: platforms putting servers in every country the operate in and having slightly different rules according to each country
This, I am quite certain, is not the longterm endgame. For small countries with mostly-similar regulatory regimes, sure. For large countries with authoritarian leadership like China, they're not going to tolerate companies publishing "nation of Taiwan" stories anywhere.
The future could be the opposite of the opposite also. Governments which want to operate in the physical realm as well as the web realm, could pay fees to the private company, so as the government of said country and it's citizens not be banned from the platform. The fees could be rephrased as taxes.
That's fine until you want to conduct business, such as accepting advertising, hiring employees, or even taking direct to consumer subscription payments, in a country.
The premise that "data" and "cyberspace" somehow transcend the physical and legal universe was always naive on the part of cypherpunks.
Initially the internet was a chaotic place where anything was accepted. This stopped around the early to mid 90s. Then the pendulum swinged the other way and governments started imposing more and more restrictions - from copyright, to actual information filters and now trying to dictate international companies what their citizen are allowed to see. Like any pendulum, it will likely swing the other direction soon.
Some things are pendulums, some things are ratchets. Generally, expansions of government power don't get reversed.
1 reply →
I'm not sure it's a pendulum. Some (many? most?) things don't swing back. Many changes are effectively irreversible.
It's not like fat-->skinny-->fat-->skinny ties, where there's zero friction for the pendulum.
The only way the net is going back to the old ways is if the governments of the world stop caring (good luck with that) or if end-user decentralization tools make a quantum leap in adoption, but even then I think you're more likely to see governments cracking down on that rather than just not caring.
I doubt that even what you said is enough hence the cookie banners everywhere and back in the day US blocking for gambling sites etc.
Only if you don't care about doing any business in those countries, which, I'll enlighten you, you do.
Because someone can pull the plug or drive an axe through it, that's why we care.