Sign in / up

back to article Euroboffins want EU to achieve techno-independence

Bug bounties, disclosure rules, product certification, and support for open source software are all in a grab-bag of proposals put to the European Parliament to help fight mass surveillance. The calls are set out in the second of two studies prepared for the European Parliament, as part of a “strategy for more security and …

COMMENTS

Post your comment
House rules Send corrections
Add to 'My topics' unstar *
  1. Mark 85

    Everything looked pretty rational and well thought out and perhaps a model for certain other countries, including mine.. the US. That is until the last paragraph. A political discussion, as they call it, will pretty much wreck any of those plans once the lobbyists, security agencies and politicians get involved.

    16 0 Reply
    1. Anonymous Coward
      Reply Icon
      Anonymous Coward

      Re: political discussions

      A political discussion, as they call it, will pretty much wreck any of those plans once the lobbyists, security agencies and politicians get involved.

      Depends how you play it.

      I once built a government wide system, and the way we kept it moving forward was by inviting the heads of technology of the various parties into a project forum. They had no explicit control, but they could get their voice heard and made (usually very sensible) suggestions to ensure we kept their specific needs in mind as well without diluting the overall focus.

      Because we had these people "inside", we took away the "not invented here" problem, and because they were high up but technical the politicians let us be (apart from some early attempts which we quenched in in the press in a hard enough fashion to make the rest of them aware they could burn their fingers). It worked rather well, but it involves living on a knife edge and be very, very aware of how the press works.

      As for the "agencies" - they only showed up halfway through the project (once it was clear the project was actually going to deliver - can't get associated with failures, oh no) to claim their involvement, and I was ahead of them every step of the way. That was really the point at which the politics started, and I have seen more sense and self control and less spite in a kindergarten. Ugh.

      But I got it done.

      10 1 Reply
    2. Anonymous Coward
      Reply Icon
      Anonymous Coward

      @Marky 85

      Everything looked pretty rational and well thought out

      That's not a phrase one associates with the EU.

      3 5 Reply
      1. Anonymous Coward
        Reply Icon
        Anonymous Coward

        "That's not a phrase one associates with the EU."

        No, but it's immaterial. Our own security agencies are in bed with the NSA, so there's no data independence even if they erect the great Firewall of Europe (and even in the unlikely event that it worked). But there's a bigger problem, that in terms of technological independence the US has such a lead on the core technologies, operating systems, application and web services, and indeed voluntarily surrendered data that there's nothing really to protect in Europe.

        The EU and the US are similarly sized economic blocs. But the US is home to 80% of global technology by revenues of domiciled companies. Yes, there's a few diamonds in the EU clay, such as ARM, the origins of Linux, SAP (arguably), and so on. But the maths is simple, that the revenues EU tech firms are less than 10% of global tech sector revenues, and EU ownership of IP is particularly limited - all the leading web applications are US invented and controlled, there's no surviving and successful phone European commercial phone OS IP, no computer operating system commercial IP of any significance. The demise of Nokia was a purely private sector (and Finnish) disaster, but what might the EU have done to stop that? Protectionism breeds weak firms that don't survive in the market, and all of this EU prattle smells of a return to commercial nationalism and picking winners. We've tried this before with ICL (and in France with Groupe Bull), and it didn't work last time, it won;t work this time.

        The best thing the EU could do would be to reduce its own regulations, and to require member countries to reduce their native regulations, but that's not going to happen. It's far too important to the bureaucrats that they can force companies to fill in their crappy forms like ESOS, make the companies responsible for providing employee pensions (ie transfer of the welfare state to companies), require them to sign up to "Climate Change Agreements", regulate the packaging they use, check the work status of their employees (because that's far too difficult for the UK Border Farce), etc etc.

        You'd have to be mad to set up a new business in Europe.

        6 7 Reply
        1. Jimmy2Cows Silver badge
          Reply Icon
          Thumb Up

          No, but it's immaterial. Our own security agencies are in bed with the NSA, so there's no data independence even if they erect the great Firewall of Europe (and even in the unlikely event that it worked).

          Exactly this ^^^^

          When our own security services are hoovering up all our comms data it makes bugger all difference whether that data stays inside the EU or lands in US servers. It will all end up in US hands anyway thanks to our intelligence sharing arrangements.

          The cynic in me can't help but think this is a plan to get US companies to set up EU server and EU companies to use EU servers, a ploy to make ordinary EU residents believe their data is now safe from the grabbing hands of the NSA, all so EU intelligence services can have easier access to the data they already seek to collect.

          4 0 Reply
          1. Antonymous Coward
            Reply Icon
            Thumb Up

            Quite!

            "EuroCrypto and EuroCloud needed to protect local data"

            As if CIA/NSA/GCHQ would *EVER* allow "EuroCrypto" to happen without "accidentally (honest)" botching it or vetoing it! lmao

            It'll *NEVER* happen. *NOT* *EVER*

            Still, I suppose it's better than nothing of them to make a bit more noise and perhaps focus a bit more attention to the problem. Perhaps Asia or somewhere will take up the challenge... they have already developed and introduced both CAMELLIA and ARIA after all; the two amusing and effective solutions to removing the SPOOKINESS from the NSA's pet AES without abandoning the useful and practically ubiquitous hw acceleration.

            0 0 Reply
          2. Mark 85
            Reply Icon

            When our own security services are hoovering up all our comms data it makes bugger all difference whether that data stays inside the EU or lands in US servers. It will all end up in US hands anyway thanks to our intelligence sharing arrangements.

            And our data ends up in the EU hands due to the way the info is gathered and swapped. I guess I should say "thanks for sharing", but that's really a rather scary concept about data... metadata.. whatever data.

            0 0 Reply
        2. phil dude
          Reply Icon
          Linux

          upvote...

          you missed that all the supercomputers are here too...

          P.

          0 0 Reply
  2. Phil O'Sophical Silver badge

    It notes that strengthening Europe's data protection rules – particularly with respect to what can be sent offshore – would encourage more cloud operations to set up servers within the EU.

    Really? Sounds more likely to encourage companies to leave. What about the multinationals that have info in several jurisdictions, and find they can't move data between them? They'll head for the places with the lightest regulation, as always, and the jobs will follow them.

    0 5 Reply
    1. Anonymous Coward
      Reply Icon
      Anonymous Coward

      What about the multinationals that have info in several jurisdictions, and find they can't move data between them? They'll head for the places with the lightest regulation, as always, and the jobs will follow them.

      Ah, but you forget they have customers in those jurisdictions too, and it has already been demonstrated that you cannot escape the demands of that jurisdiction by hopping to another one (or Farcebook and Goggle would not have the problems they have now).

      Herein lies the rub: EU companies have to comply with EU rules, and thus the larger ones pressure US providers into giving them evindence to prove compliance. The result of it is that those US companies are sh*tting bricks at the moment worrying about EU sales in the light of stricter enforcement of EU privacy and data protection rules, because they already get pushback from lawyers working for EU companies. I have no doubt the EU will be blackmailed again with the threat of a trade war into coming up with some weak excuse, let's call it Safe Harbor II, which will allow US suppliers to ignore EU privacy as before, but the fact is that US companies are *far* more worried than they let on.

      The EU may not have software greats, but it does have very, very fat clients. US companies cannot afford to lose that revenue, which is why Brussels is so full of lobbyists..

      3 1 Reply
    2. Raumkraut
      Reply Icon

      What about the multinationals that have info in several jurisdictions, and find they can't move data between them? They'll head for the places with the lightest regulation, as always, and the jobs will follow them.

      Unless you're also suggesting that all the customers will also abandon the EU; reducing Europe to a depopulated wilderness of hunter-gatherer communities; then there will still be demand for these services in the EU, which means money to be made.

      If the large multinationals don't want to obey the law to get some of that money, then I'm sure there will be some local companies to fill the void, and "create jobs" - probably more (and more varied) jobs than the large multinationals would have needed.

      Which appears to be the point.

      3 1 Reply
  3. Anonymous Coward
    Anonymous Coward

    EU regulations

    I'm a sick puppy, I think a lot of the engineering regulations are sensible, fair and keep the end users safe.

    Technological independence is a worthwhile goal, which, if achieved, would help break the current software monopolies and help make treaties a little less American centric.

    Vested interests will scream and holler (say that they'll reconsider the location of their HQ, have lobby groups produce papers on why it's a bad idea, etc) that it is too hard, expensive or insecure to even try, however, the only way to know if it is too hard is to actually attempt to do it.

    8 0 Reply
  4. Dave Howe

    was not impressed (one star, would not commission again) :D

    Would appear to be compiled by non-technical people from the advice of technical people, which advice they clearly had trouble understanding (and from whom they were unwilling to seek clarification).

    I think their experience with LinkedIn says it all, really.

    They appear to have selected *one* working group within LinkedIn, posted *one* vague query to that one group, received 11 posts (from 6 distinct individuals) without ever replying to or following up on those posts, then declared *the whole of social media* unsuitable for research and abandoned the attempt.

    And this is the quality of research the EU will use to shape future policy? OMG.....

    1 0 Reply

POST COMMENT House rules

Not a member of The Register? Create a new account here.

Forgotten password ?

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like