Comment by whiterose1214
3 days ago
Lot of discussion about different privacy laws across jurisdictions, and while I understand a lot of users have different approaches to privacy and opinions on political matters, realistically if your threat model is the NSA or some other three-letter agency:
a) migrating to a different jurisdiction isn't realistically a massive barrier for them (related: https://www.usenix.org/system/files/1401_08-12_mickens.pdf)
b) if they're taking the time to get a "secret" warrant for you, you have much larger issues. It's like building a car that's resistant to hellfire missiles. It'll help, but if you're getting hellfire missiles thrown at you, you have much larger problems than the structural integrity of your vehicle.
Realistically, there's a reason that a lot of these services are underused. Many of them lack reliable support, many of them aren't as useful, and the vast majority lack the interconnectivity that makes services like Drive and Gmail so useful to the vast majority of consumers. In addition, if your evaluation of the utility of US companies is based on which party is in power, you should know that both parties equally don't care about your privacy, and never have.
If your threat model is the NSA, moving to non-US providers actually lowers the barrier as they no longer have to deal with the US constitution and US citizen data. If your threat model is law enforcement (or border/customs, et al), moving to EU really doesn't cause much in the way of speed bumps.
In my opinion though, the real threat model is not the actual government, its the US corporations. The NSA wont sell your information to any bad actor with a credit card and, realistically, doesn't care about you. But there is much that can be stolen or exploited for financially-motivated bad-actors from non-extradition countries or others with differing interests than your own.
Yeah, sure, but this idea that the government is the threat you're defending against is very American. I'm not saying I trust my government with a lot of my personal data, but they're not the most important threat I'm defending against when I look after my privacy online.
Defeatism; alternatives don't have to be perfect to be useful. In other words, it's a journey, not a destination.
Totally get what you're saying, and improving personal security can also be fun as a mental exercise. It's just there's a lot comments in this thread (hundreds) about how you can migrate EU to escape USG surveillance, which is just not realistic.
It's plenty realistic, just not perfect. Extradition is different than real time surveillance, for example.