All of Europe's data in US servers? We're OK with that - EC bod
A European Commission director has said that it shouldn’t really matter where Europe’s data is stored, as long as it’s secure and protected. Megan Richards, acting deputy director general of Information Society and Media and also part of the Converged Networks and Services directorate, said it wouldn't necessarily be a problem …
This topic is closed for new posts.
Once again, how does this square with the PATRIOT Act ?
Which requires US companies to surrender data to the US government wherever it's housed in the world, and which can require a US company to shut a data centre down with no notice.
Or did I miss something ?
Re: Once again, how does this square with the PATRIOT Act ?
No, I don't think you missed anything. Ms Richards certainly did, though.
“The legislation in the US is not so different from the legislation we have in the EU,” she says. Well, that depends on whether you're from The Land Of The Free (TM) or one of the 6.5 billion great unwashed from other parts of the globe. Poor lass obviously hasn't heard of Megaupload - or worse still, she has but she believes it's some sort of Pirate Bay extension.
As one of those great unwashed, I wouldn't entrust anything critical to a US-based company. Not because there's anything intrinsically wrong with them, but because the last time I looked, Brussels hadn't have quite the degree of God disease that Washington suffers from.
Re: Once again, how does this square with the PATRIOT Act ?
this <blank piece of doctor-who psychic-paper> is a USAPATRIOT 2001 Section 505 National Security Letter and I hereby claim 'all your cloudz dataz belong to us'
.
.
.
psst: you saw nothing, have heard nothing and know nothing, or else
references: [Russell TD] , [Warrant Canary] , [RTÉ]
check out the warrant canary at least!
Warrant Canary...!!!!!????
Jeez, now companies are actively to follow the American Way*. Perjure yourselves or be prosecuted for not doing so!!!
*Lie and Deny.
Re: Once again, how does this square with the PATRIOT Act ?
As far as "The legislation in the US is not so different from the legislation we have in the EU" is concerned: "not so different" is the difference between exactly the same and hordes of the paper toting law quoting undead... ehm lawyers looking at full employment for years.
If the law is "not so different", why not just copy and paste US law then, Ms Richards?
<deleting rant about violating your own citizens' rights under dubious excuses like terrorism etc as I don't want to get my blood pressure up too high>
Blegh.
Re: Once again, how does this square with the PATRIOT Act ?
@Mike Smith
No No No Mike, you are wrong, Ms Richards has missed nothing.
“Theoretically, it shouldn’t matter where data is held as long as our rules apply,” Richards told The Reg at the Cloud Computing World Forum in London. “The legislation in the US is not so different from the legislation we have in the EU.”
All praise to the Sir Humphrey's and George Orwell and the Ministry of Truth"
This is bureaucrat bullshit of the highest order, the logic is perfect, its the facts that are wrong! Look at the first word, Theoretically, it shouldn’t matter where data is held, this statement is correct, it shouldn’t matter where your data is held, practically though, it does matter where your data is held (see next point).
"The legislation in the US is not so different from the legislation we have in the EU.”
I forget what this logical fallacy is called (false analogy? ). The phrase "not so different" is meant to convey the notion that the data protection laws are nearly the same when they are not.
Ms Richards has missed nothing, she's just hoping that you did.
Simple solution
We leave Europe and ask to be the USA's newest State, New Britain. Problem solved.
After a few years of adopting American culture we can be just like them, ignorant, gullible, war mongering, overweight, reliant on fast food, gun toting, believe Hollywood films are true, bend history, throw out human rights legislation, privatise the health service,.... I could go on...
NO WAIT I've just realised, it's already happening! Ahhrrrrgggg.
Re: Once again, how does this square with the PATRIOT Act ?
Read my posts and you'll know I'm not known for brevity.
...But I'm lost for words. Are things really getting this bad?
(Today, I've read 5 El Reg stories which makes me wonder if I'm in Alice's Wonderland or Cloud Cuckoo land.)
Anyone got any Prozac? ...A handful please.
All Your Database Are Belong To US
I fear you are correct, Herr von Krakenfart. It doesn't help that she herself is a septic:
http://www.youtube.com/watch?v=78MWh8zuBQc
http://www.youtube.com/watch?v=GnsinGXZ8LE
Her address is largely content-free, but taking the Sir Humphrey reincarnation a little further, her comment about US legislation could have a slightly more sinister interpretation, depending on where her loyalties really lie.
Cynical and suspicious? Moi?
secure and protected
How bloody stupid is that?
“Theoretically, it shouldn’t matter where data is held as long as our rules apply,”
Well they don't apply because it's in the US. Good luck with getting them to play by your rules.
I'd expect this EU cloud to go live and the US security bods to be looking through the data that same day.
This isn't you uploading your holiday snaps to Facebook, this is national data that should be secured within that country's borders!
Flipping heck, I work for a financial institution in the UK that operates partly within Switzerland and while that country is not part of the EU we have to jump through some serious legal and technological hoops to allow our systems to correctly share and still segregate key data. We are reminded almost on a daily basis that if one byte of data escapes from the Swiss held servers that should not, we will be personally liable for it and P45s will be issued without hesitation!
But this new legislation is design to help people like you (be replaced with more foolish voters) by meaning that there is no longer a problem in sending civilian data anywhere in the EU or even the world. Does that not sound like a good thing, they are just making your job easier.
Your not alone
We have a standing instruction that NO data relating to trades, payments contracts etc should be held on US soil. Not one byte, otherwise, ... well P45's would the polite way!
Re: Your not alone
At a bank I worked in they used to fly backup tapes from caribbean offices to data centres in Canada via Europe. It was deemed an unacceptable risk that the aeroplane carrying them would overfly the US and might have to touch down there in an emergency.
the whole thing smells of either bribery or extreme nievety (sp)
and i dont think the data protection act is properly coded for new things like the "cloud"
on a separate note:
"We really need to drive growth and jobs in the future,” she said."
Great - lets give all the data storage jobs away to johnny foreigner then!
is there anything else not important we can hand over?
how about we outsource the military?
The difference between theory and practice...
Is that in theory, there is no difference,
but in practice, there is.
“The legislation in the US is not so different from the legislation we have in the EU.”
He is joking right?
He is joking right?
No, she is not.
*officially* US (and Israeli) data protection is as robust as the rest of Europe.
Look it up.
Game over
Hello National Security Letters, goodbye data protection.
Unless EU service providers can keep my private data safe from the menacing advances of American "interests", the only "Cloud" I'll ever trust is the one in my broom cupboard.
The difference between the Commission and the Parliament
The Parliament (with our elected representatives) has reviewed the EU's relationship with the US on data protection three times and found it woefully lacking.
The Commission, on the otherhand, is rather like the civil service. It acts in its own interests - which means the interests of whoever will offer the individuals involved the cushiest directorship or stuffed brown envelope.
This is why we have representation in government (not that they actually fulfil their purpose, sadly).
Re: The difference between the Commission and the Parliament
Sadly, completely agreed regarding your characterization of Commission vs Parliament.
Seems like the Humphreys once again come out on top...
Re: The difference between the Commission and the Parliament
And you wonder WHY? they cannot balance their Books for the last god knows how many years back???
Megan Richards
I hope for her sake breathing is a reflexive action because she cetainly hasn't got the brains to do it.
There are a lot of differences between EU and American rules.
And if something is held on server that breaks rules in one place but not the other, who's jurisdiction does it come under?
Re: There are a lot of differences between EU and American rules.
simple answer
US
Please get on message. Write down 1000 times
'All the data stored on a computer in the world belongs to the USA'
cos Pres Obama said so.
Re: There are a lot of differences between EU and American rules.
"cos Pres Obama said so."
Err I think you'll find the PATRIOT (It is an acronym) Act was brought in under "W".
Also, there's companies liabilities ...
Our Information Security Officer (UK company of 5000+ employees) is of the opinion that a customer whose data was slurped by the US government, would have cause to sue us for breach of the DPA.
Re: Also, there's companies liabilities ...
That is correct AFAIK - even in the case of a criminal investigation (because it would only be legal if it was done by UK police). That's why it's quite simply idiotic to use US providers if you're not a US company yourself (as a US company you don't have a choice..).
Is this women insane? The U.S doesn't have to follow EU rules, and frankly their attitude to data is terrifying. The EU should keep their data as far away from the U.S as possible, at least until the U.S gets rid of the "Patriot" Act (gotta love how American politico's name their laws...) or puts some reasonable restraint on their "law" enforcement (see: megaupload)
Selling data
Isn't there a provision in US legislation to sell data to other companies?
I mway be wrong, if so pllease tell me.
Location doesn't matter
Cheap datacenter in India it is then.
It's fine because they ticked all the "do you have" boxes and we trust them not to lie.
Re: Location doesn't matter
I trust the Indians a lot more than I trust the US. I work with people who are (or their forebears were) from India. Their attitudes towards privacy seem a lot closer to ours than most people I have met from the US.
Ideally though, lets keep it in Europe. Someone in this continent must have a server somewhere...
Re: Location doesn't matter - @Spanners
"Someone in this continent must have a server somewhere..." And if not, why not? There is clearly a market for it!
Patriot Act
US Cyber Security Act 2009 has even weaker safeguards than Patriot.
**Do not store your client's data in the US**
Wowsers. She needs to stay away from those Amsterdam bars until AFTER she gives the interview.
I mean, I one them thar crazy 'Mericans, and in her place I wouldn't trust us with your data. Even if we set the Patriot Act aside, you never no when some idiot President or aide thereof is going to go blabbing protected information.
Sovereignty
It doesn't really matter what US laws say now. The main issue is that the US government (or any other government, for that matter) can do anything it wants to in the future. It's an act of state. For US citizens' data, this is OK because they elected that government and they have the theoretical ability to throw them out.
European citizens whose data is stored in the US would have no sanction beyond saying "I'd rather you didn't", because we didn't elect them. Whereas we have control over data stored in Europe because we elected the people who run Europe and we can throw... Hang on... no we didn't, and no we can't.
51st State
Once it was just Blighty, now everywhere is 51st State, well apart from Russia and China cos they have big toys too.
echoing what everyone else has said: "What the fuck is she on?"
seriously? securely?
would all the security experts with proper full stops and letters after their name, please step forward and explain that there is no such thing.
Let's ask RSA first.
This is so bad, so negligent, so rank stupid, that I actually don't have the necessary language skills to adequately express my opposition to this.
Swearing wont work.
A pathetic pointless vote wont help.
A letter wont help.
A meeting with my local Tory MP ( who I know quite well) wont help either.
Even 1 million people protesting on the streets of London can be simply ignored.
What's left? Mass violence? Seems to work else where, right?
Tell me, what is left? Seriously, how can this sort of thing be dealt with by normal intelligent people when we the people are buried under so many layers of bureaucracy designed to cut us out and leave us as simple servants?
These bastards ruin everything. When will we hold them properly to account? After its too late, as per usual?????
Well, OK, then as per usual, we deserve it. Unless all the whiners here and else where get off their collective lard arses, leave their precious keyboards and sniff the fresh air, it will be too late, and your kids will ask you why you just sat there typing bullshit on a web site while Rome burned around you.
Stop typing and damn well get off your back sides you lazy pointless people, or, shut the hell up and take it like the damn gimps you all are.
Now, down vote that mother f*cker. Cos you are too fat and lazy to do anything else.........
You know its true. Thats you you wont like reading it.
My name is Bent Over Elton, good night.
Of course there's things we can do...
@ACx:
If your managers say "Cloud", reply "Not in America".
If they insist, encrypt everything in sight.
Make sure the only place where the encryption key(s) exists is on a thumb drive in the CEO's safe, with a note giving the name of the fuckwit that insisted,
When the cops ask for the password, say "the CEO has that, I don't".
Finally, set up a dead man switch that deletes everything in sight if you end up in the slammer.
Actually, I have prepared a rather large spanner for their works. No,, make that a large spanner for general use and a very large handful of nuts for the gears of all these privacy violating outfits - with material provided by themselves.
To be continued..
5 million what??
"Richards reckons cloud computing has the potential to deliver €700bn (£564bn) of economic benefit in the five biggest European economies and generate five million new jobs in the five largest member states."
Generate 5 million new jobs??
How can moving your data to the cloud generate 5 million new jobs?
It's more like move the data to the cloud then off source the jobs to India.
Oh, that's easy.
"Richards reckons cloud computing has the potential to deliver €700bn (£564bn) of economic benefit in the five biggest European economies and generate five million new jobs in the five largest member states."
Firstly, moving to The Cloud (TM) is a serious move, requiring extensive business process re-engineering. That can only be delivered by engaging world-class best-of-breed consultants from top firms - Capita, Accenture, EDS, etc - which will in turn pump revenue (their daily rates) into the economy.
The new jobs - rifling through other countries' data and fighting expensive legal battles - will be created in the five largest US member states.
“We really need to drive growth and jobs in the future,”
So how does that comment square with:
"Theoretically, it shouldn’t matter where data is held as long as our rules apply"
She wants to drive growth and jobs to the US?
Patriot act ?
Patriot act is in contradiction with EU privacy rules, please seek alternate employment Megan
They've gone and done it again!
Every time I think government can't get any more stupid they go and prove me wrong.
EU commission <> EU Parliament
For non European readers.
The "Commission" is the unelected group that basically runs the EU Civil Service.
They appear to have learned many important lessons from studying the British Civil Service.
Most of them bad.
This topic is closed for new posts.
