Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Patriot Act Clouds Picture For Tech

Soulskill posted more than 2 years ago | from the your-data-is-safe-except-from-us dept.

Cloud 203

Harperdog writes "Politico has a piece on how the Patriot Act is interfering with U.S. firms trying to do business overseas in the area of cloud computing. Here's a quote: 'The Sept. 11-era law was supposed to help the intelligence community gather data on suspected terrorists. But competitors overseas are using it as a way to discourage foreign countries from signing on with U.S. cloud computing providers like Google and Microsoft: Put your data on a U.S.-based cloud, they warn, and you may just put it in the hands of the U.S. government.'"

cancel ×

203 comments

Sorry! There are no comments related to the filter you selected.

Probably, but... (5, Insightful)

Anonymous Coward | more than 2 years ago | (#38242244)

...you put it anywhere on the "cloud", and it's one mis-step away from being everywhere.

Re:Probably, but... (1)

CmdrPony (2505686) | more than 2 years ago | (#38242338)

Just like with colocation and other hosting services. You have to trust someone though, and big cloud providers are required to be good at what they do. They're too big to fail.

Re:Probably, but... (1)

crutchy (1949900) | more than 2 years ago | (#38242800)

i trust who i work with in person, but it also means that if they fuck up i can give them an earful and see their reaction :)

Re:Probably, but... (0)

Anonymous Coward | more than 2 years ago | (#38242402)

That's why I use the Personal Cloud [amazon.com]

I LOVE AMERICA! (-1, Troll)

Jeremiah Cornelius (137) | more than 2 years ago | (#38242508)

Signed, the Necrophiliac.

Re:I LOVE AMERICA! (-1, Troll)

CyberDong (137370) | more than 2 years ago | (#38242662)

I used to be a necrophiliac too.... but one day the rotten bitch split on me, and it was over.

Re:I LOVE AMERICA! (0)

Anonymous Coward | more than 2 years ago | (#38243754)

I used to be a necrophiliac too, but one day I was hitting it with this woman, and suddenly she got up and started demanding "BRAINS!!!!". That ended my perverse obsession with corpses quickly.

Re:Probably, but... (1, Offtopic)

rtfa-troll (1340807) | more than 2 years ago | (#38242578)

Awesome. It's like tethering. A completely invented feature created by taking something away that wasn't missing in the first place. The people who think these things up have imaginations worthy of Iain M Banks [iain-banks.net] or almost even Iain Banks. .

Re:Probably, but... (1, Offtopic)

GrumpySteen (1250194) | more than 2 years ago | (#38242802)

How is remotely accessing a hard drive on your home computer in any way, shape or form like tethering? Did you not look at the product that was linked or do you have no clue what tethering is?

And what do think think has been taken away? It's an external hard drive that has all the functionality of an external hard drive. It includes some software to make it easier to set it up for remote access from other PCs, your phone, etc., but that adds functionality, it doesn't decrease it. What do you think is missing?

Re:Probably, but... (0, Interesting)

Anonymous Coward | more than 2 years ago | (#38243022)

Now, if someone could make some appliances that I could drop at my place, and at a few friends' places, with all three mirroring with ironclad consistency, that would be a true "personal cloud". Ideally, at the block level, as opposed to file level like rsync, although if one mounted a file based filesystem via loopback and used rsync, that would be close enough.

Of course, having a client just send up changes to files and not the complete files would be important, a la Dropbox. Even better, have the client encrypt all data being uploaded before it goes up and decrypt as it comes back, and the encryption can be a password, a keyfile, or a generated nonce that is protected by a public/private keypair where the private key is stored on a cryptographic token.

For a number of uses, this would be the ideal cloud setup.

If one decides to take it a step further, one can do what an old (I'm talking antediluvian) Mac application did -- it would present a drive to the user, but all files stored would be distributed among other machines in the LAN. Add an encryption layer, and a layer of redundancy, and that would be a very usable cloud. People who run the cloud servers can allow only themselves, users/groups they authorize, or anyone store data.

Yep (5, Insightful)

Anonymous Coward | more than 2 years ago | (#38242248)

Doesn't matter if you comply with EU data protection rules, we still don't trust you.

Re:Yep (5, Informative)

Anonymous Coward | more than 2 years ago | (#38242646)

More importantly, since there are US laws which contradict the very protections that EU safe harbor rules require, we CAN'T trust US companies to abide by our data protection requirements. We are bound by law to ensure these protections, so sending the data to the US is arguably illegal. The only reason why anyone still does it is that enforcement is so lax.

Re:Yep (4, Insightful)

GrumpySteen (1250194) | more than 2 years ago | (#38242882)

Would you kindly step up the enforcement, then? We all know that the US government isn't going to listen to it's citizens, but it's just as obvious that they listen to corporations. Maybe if Amazon, Google and a few other major cloud storage providers take a huge hit, they'll tell the government to fix the situation.

Re:Yep (5, Informative)

crankyspice (63953) | more than 2 years ago | (#38243254)

Maybe if Amazon, Google and a few other major cloud storage providers take a huge hit, they'll tell the government to fix the situation.

No, shops large enough to have influence are likewise large enough to simply setup European subsidiaries, with hardware in Europe and a cadre of European compliance officers, and it's business as usual. "You can choose a Region to optimize for latency, minimize costs, or address regulatory requirements ... Objects stored in a Region never leave the Region unless you transfer them out. For example, objects stored in the EU (Ireland) Region never leave the EU." http://aws.amazon.com/s3/ [amazon.com] (emphasis added)

Re:Yep (1)

Grishnakh (216268) | more than 2 years ago | (#38243830)

But can they really get around the Patriot Act this way? After all, if they're American companies, with their headquarters located in Silicon Valley, aren't they still required to follow American laws, including any wholly-owned subsidiaries they may have? (disclaimer: IANAL) Some company located in Switzerland, for example, with absolutely zero physical presence in the USA, would not have this problem or this potential legal liability.

No comment (-1)

Anonymous Coward | more than 2 years ago | (#38242268)

No comment

A new way? (3, Insightful)

TheRaven64 (641858) | more than 2 years ago | (#38242290)

No, this isn't new, it's an argument that's been used since the USAPATRIOT Act passed. Well, maybe they're saying 'cloud' instead of 'costing' or 'colocation'. The other good argument is 'the USA has no data protection laws so if you do business in the EU and host your data in the USA then you're opening yourself up to potential liability'.

Well why not? (4, Insightful)

Pastor Jake (2510522) | more than 2 years ago | (#38242308)

Friends,

I don't understand these companies' hesitance when deciding to do business with US-based companies. Sure, the data may need to be seen by the government, but we aren't China; the data will be kept safe while our researchers are doing God's work by looking for pedophiles, rapists, and terrorists. Perhaps they could even insert biblical references into the cloud, in order to spread the Word to those who would not otherwise hear it.

Your Friend,
Jake

Re:Well why not? (1)

forkfail (228161) | more than 2 years ago | (#38242562)

Please - someone tell me that this is snark.

Re:Well why not? (0)

Anonymous Coward | more than 2 years ago | (#38242564)

Zelous anti-theist troll is obvious.

Re:Well why not? (1)

Dogtanian (588974) | more than 2 years ago | (#38242740)

I know you're trying hard, but "Pastor Jake" is just a little too obvious to be the next Doctor Bob, as I suspect it is meant to be. That's on top of the fact that these things never work as well the second time round. Sorry!

Re:Well why not? (1)

M0j0_j0j0 (1250800) | more than 2 years ago | (#38242822)

Come on the guy has just started, give him a chance, a holy chance if not too much

Re:Well why not? (0)

Anonymous Coward | more than 2 years ago | (#38242864)

Let me enlighten you Jake... America is full of greedy corrupt fanatic idiots and most people prefer not to deal with that.

Re:Well why not? (0)

Anonymous Coward | more than 2 years ago | (#38243858)

You've got to wait a while for everybody to forget Dr. Bob before you start another account like that, grub [slashdot.org] .

Your style, although hilarious, is very recognizable.

Goes both ways (5, Insightful)

Pozican (864054) | more than 2 years ago | (#38242342)

American companies are scared their data might land in china and copied. This is only news in that the US is turning into the same crazy police state that we've thought was limited to china and north korea.

'Warn' ? (4, Insightful)

unity100 (970058) | more than 2 years ago | (#38242352)

do they even need to 'warn' ? previous incidents and documents that are in the open shows that u.s. govt, police, secret service, departments etc can wantonly request data from these services and get it. many of these, we discussed here.

Who can blame them? (5, Insightful)

Calibax (151875) | more than 2 years ago | (#38242358)

Four thoughts:

They may well be right in thinking their data will be more accessible to the US government.

If I were an overseas competitor, I'd certainly use this as a reason to not to use a US provider. In a heartbeat.

The law of unintended consequences bites the US yet again.

This wouldn't be an issue if the US government hadn't acted the way it has over the last 10 years. The US government has so little trust overseas that people have no trouble thinking the worst of it. Karma is a bitch.

Re:Who can blame them? (0)

Anonymous Coward | more than 2 years ago | (#38242534)

No doubt about it. Government hands are in everything now days, and there is constate abuse of power. Now, nobody trust them.

Government created it's own mess.

Re:Who can blame them? (1)

Synerg1y (2169962) | more than 2 years ago | (#38242898)

US Government or George W. Bush Jr.? We were doin great till that monkey came along.

I still think we need a better system for repealing laws, or perhaps we just need to wait for the god fearing soccer moms who don't know what a browser is to drop out of society. One can argue we'd get a new wave of idiots then, but at least they'd be tech savvy enough to forecast something like this.

Our current government thinks any data in its borders actually belongs to it, and that the person generating it may graciously hold on to it as long as he isn't a pedo or a terrorist or isn't named Julian.

The Patriot Act though... anybody respectable who's had to deal with it, has probably relocated far away from the states. Not to mention people who don't fly anymore because of the TSA and the fact you can't bring toe nail clippers with you on a trip anymore. What's funny is the TSA says http://blog.tsa.gov/2009/05/tsa-urban-legends-nail-clippers.html [tsa.gov] . Quite contradictory to consumer experience.

Re:Who can blame them? (1)

Jiro (131519) | more than 2 years ago | (#38243220)

The US isn't being run by Bush. It's being run by Obama (who the Europeans gave a Nobel Prize to). Bush lost the election; it's time putting the blame where it belongs.

Re:Who can blame them? (2, Insightful)

Synerg1y (2169962) | more than 2 years ago | (#38243350)

Obama's done right and wrong and isn't a saint by a long shot, however it's going to take time to undo the damage bush caused, him leaving office does not immediately end wars and fix global depressions.

Re:Who can blame them? (0)

Anonymous Coward | more than 2 years ago | (#38243812)

No, but Bush didn't add Libya to the list without even discussing the issue with congress (Congress must declare wars, presidents may not), and it took Obama to come up the policy of lying on responses to FOIA requests. I didn't like Bush, but Obama acts like a dictator

Re:Who can blame them? (0)

Patent Lover (779809) | more than 2 years ago | (#38243376)

The US isn't being run by Bush. It's being run by Obama (who the Europeans gave a Nobel Prize to). Bush lost the election; it's time putting the blame where it belongs.

Uh, which election did Bush lose?

Re:Who can blame them? (1)

clonehappy (655530) | more than 2 years ago | (#38243536)

2004 for sure and probably 2000 if you want to dig deep enough.

Re:Who can blame them? (0)

Anonymous Coward | more than 2 years ago | (#38243682)

So which unjustified war that cost trillions war and which global recession did Obama start again?

Re:Who can blame them? (5, Interesting)

kozubik (969276) | more than 2 years ago | (#38243010)

Not all providers are based in a single nation.

Amazon, for instance, has AWS locations around the world, although that probably doesn't help you much given their track record.

But rsync.net (I am the founder) has storage locations in Zurich and Hong Kong, in addition to the US. These sites are protected, just like the US sites, by the Warrant Canary:

http://www.rsync.net/resources/notices/canary.txt [rsync.net]

So while I agree that everyone in the world should be wary of USA PATRIOT, it's not a given that non-US consumers have to avoid US providers across the board.

Re:Who can blame them? (0)

Anonymous Coward | more than 2 years ago | (#38243512)

People are OK with it. Here we are, ten years after the 9/11 attack with things getting worse instead of better. People still vote for the same things because they have the two basics, bread and circus, McDonalds and TV. And considering how the romans lived, I'd say loss of privacy should be the least of your concerns. (although with the banks today, you could say they found a clean, easy type of slavery)

Sheep MTDD-4453X3

It is common sense, not the patriot act. (5, Informative)

gessel (310103) | more than 2 years ago | (#38242370)

If you put your data in the cloud, you put it in the hands of not just the US government, but every government the cloud company does business with. And also in the hands of every underpaid employee in the company; and while some companies may claim otherwise, their claims are unverifiable and unenforceable. "Cloud" services have their place - it is for data that is intrinsically public and ephemeral. Nobody should ever trust any cloud service with data that is proprietary or private or irreplaceable.

Most obviously, the "free" services are predicated on exploiting the value of their users as product to customers that are not the users. The model makes sense in some cases, for example a forum, where the shared public content is willing coproduced by users of the forum, exchanging their content creation efforts for use of the forum itself, the forum exploiting that content to attract eyeballs to advertisers that pay the bills.

While there are strong logical reasons why cloud services are intrinsically untrustable (ultimately, he who owns the hardware, owns the data), a simple thought experiment proves the folly: how hard is it to bribe an employee of a cloud service to give you inappropriate access to someone's data? Do you think you couldn't find one employee in one company somewhere? While one may be able to find companies that are currently resistant to easy attacks, cloud companies come and go like the .coms that they are are, and with inevitable waning economic optimism, so too wanes employee loyalty. In the eventual asset transactions that follow, acquiring companies of even trusted entities are unknowns and customers have no recourse and no authority.

At best, the loss of yet another fleeting cloud service means only the loss of the associated data and whatever codependent business line the cloud service customer bet on the serial risk of the success of the cloud company itself.

The premise of handing your proprietary data to another person for remote, invisible processing and care is fundamentally flawed. Your interests are not aligned and their interests will evolve and ultimately diverge or fail.

Foreign companies (and US as well) are well advised to be wary of cloud services.

Re:It is common sense, not the patriot act. (-1)

Anonymous Coward | more than 2 years ago | (#38242836)

can i put my wee wee in a cloud?

No kidding (3, Insightful)

Sycraft-fu (314770) | more than 2 years ago | (#38243282)

This seems like trying to spin a general fact of life in terms of "the cloud" (a term I dislike) in to an anti-US thing.

Your data is subject to being looked at by whoever controls it. Doesn't matter if they are supposed to, they can. The idea that the US government is the only one that looks in on data in their country is quite silly.

Also to expand on your bribery note, this could well be done by the government too in any country, but not as direct bribery: Find an employee who is patriotic to your country at the service, recruit them, and use them to get access to data you want. Could be quite easy since even a very moral person might agree. The government sells them on the idea that they need this access for legit work and it is just much quicker and cheaper to do it back channel rather than via the courts.

Basically if you give up your data to someone else, you have to understand that means others can have access. That is going to include their government. Don't think this is unique to the US. Other countries participate in the intelligence game just as much. Look up some information on the British Security Service or Secret Intelligence Service, or the French DGSE.

Re:It is common sense, not the patriot act. (1)

Anonymous Coward | more than 2 years ago | (#38243878)

I think we're all familiar with the risks of trusting data to outside parties. People have been doing it since... well, forever. But it's just like anything else, a long list of trade-offs.

What's more likely... that someone will break into Intuit and snag your data in a way that's useful to them, or that some jackass in your little company will somehow expose your fileserver? Or nearly as bad, that you'll have a hw failure without working backups? Is it more likely that a disgruntled intuit employee will manage to get access to your payroll data, or that one of your inside employees will dig around and find something on the network with inappropriate permissions? Is it a good idea to have Google handle your email and shared calendars? Will the US government see that you think Sally is hot, and is that worse than you having a shaky exchange machine in the building that never quite worked right with your phones? Is it better to punch holes in your firewall for remote access to an expensive on-site CRM solution, or to pay a salesforce/sugar to manage it for you? What's the risk if someone, someday, breached your CRM database? The list goes on forever.

So yes, cloud services involve risks. Maintaining services internally involves serious risks too (some the same, some different). You have to evaluate both sides if you're interested in solving a problem, based on who you are and what you're outsourcing. If you're an Iranian engineer working on a power plants, maybe you shouldn't store various schematics in a foreign cloud service. If you're a plumbing supply company, you should probably consider hosting your email elsewhere.

I'd think this stuff is obvious by now... it's not like hosted solutions are a new technology.

As a European (3, Insightful)

Anonymous Coward | more than 2 years ago | (#38242406)

But competitors overseas are using it as a way to discourage foreign countries from signing on with U.S. cloud computing providers like Google and Microsoft

It's not just competitors highlighting that important fact! As a European, I personally don't want my data to fall into the wrong hands, and the hands of the US corporation-state are most definitely wrong.

what's the problem? (-1)

Anonymous Coward | more than 2 years ago | (#38242416)

I don't see the issue. Unless your using the cloud to store kiddy porn, your terrorism plots, or other illegal shit why do you care? The lady doth protest too much, methinks.

Re:what's the problem? (0)

Anonymous Coward | more than 2 years ago | (#38242498)

> Unless your using the cloud to store kiddy porn, your terrorism plots, or other illegal shit why do you care?

Some people, companies, universities and public sector administrators (list not inclusive) DO have something to 'hide' from folks, that have no business in their affairs. Imagine!

Re:what's the problem? (0)

Anonymous Coward | more than 2 years ago | (#38242560)

Then it's rather stupid to then be putting that out on the cloud then, no?

Re:what's the problem? (2, Insightful)

forkfail (228161) | more than 2 years ago | (#38242588)

You don't mind me having a look around your house, do you? Oh, don't bother letting your wife know that we're going to be in - wouldn't want to bother her or anything. What? You don't want strangers poking around? What are you hiding?

Re:what's the problem? (0)

Anonymous Coward | more than 2 years ago | (#38242818)

Sure come on in. I have nothing to hide.

Re:what's the problem? (4, Informative)

Aryden (1872756) | more than 2 years ago | (#38242986)

I've noticed that you have cleaning products under your sinks. Didn't you know that in this state, it is a felony to have cleaning supplies in reach of children under the age of X? Oh, is that your 2 year old son. I'm sorry, I'll have to take you to jail now.

This is a hypothetical, but it is representative of how the government works. More often than not, they are coming in to look for things that will aid them in building a case against you even though they may seem completely benign. While searching your "nothing to hide stash" they come across a picture of you from 10 years ago with a college buddy who is now on a "watch" list, or a family member who speaks out just a little too much about the government.

Just because you think you have nothing to hide, does not actually mean that you have nothing to hide and shouldn't hide anything.

Re:what's the problem? (2)

hellkyng (1920978) | more than 2 years ago | (#38243594)

Not quite:

"I've noticed that you have cleaning products under your sinks. Didn't you know that those chemicals could be combined to make a bomb. I'm sorry, I'll have to take you to jail now. Whats that, you want to resist arrest, how silly. I'm sorry about your daddy 2 year old son, but he was a terrorist. Now please ready yourself to be probed for further explosives by our professional TSA agent."

You were close, but not quite there.

Re:what's the problem? (1)

NotSanguine (1917456) | more than 2 years ago | (#38243290)

That's odd, coming from an AC. why don't you post your name, address and telephone number so we can make sure?

Re:what's the problem? (2)

HarrySquatter (1698416) | more than 2 years ago | (#38243508)

Because your birth certificate lists "notsanguine" as your legal name, right?

Re:what's the problem? (0)

Anonymous Coward | more than 2 years ago | (#38243770)

screw you. I'm posting AC too because I hate logging into my account. I use a proxy, noscript, different browsers, and don't need my comments tracked. You post your name, address, and telephone number first.

Re:what's the problem? (3, Insightful)

Aryden (1872756) | more than 2 years ago | (#38242808)

Because my data, that I do not willingly give to you, should not be accessed by you. It's really that simple. I put things out there so that I can access them easier while I am out and about, not for you, your government, my government, hackers or advertisers to access it. This goes the same with any business in the world. There may be cheap, reliable cloud systems for storing data that will benefit the business, but hinder or harm it if it gets out into the wild. The government should not be able to access the records of foreign business and or foreign citizens without the correct due process that is afforded not only by our constitution, but also by the laws of the business' / citizen's country of residence.

Re:what's the problem? (0)

Anonymous Coward | more than 2 years ago | (#38242960)

You have way too high an image of yourself. Your lolcats pictures, pirated mp3s and worthless foss code will never be worth any government's time. Prove to me that anyone who is completely innocent and non-suspect has ever has their data just randomly snooped.

Re:what's the problem? (1)

Aryden (1872756) | more than 2 years ago | (#38243548)

I do not "LolCats". I do however have client data, contracts, billing statements, PO data etc stored.

Completely innocent and non-suspect is relative. I can store something on a cloud service that may be perfectly legal for me to do, yet in the host country may not. I've now committed a crime haven't I?

You don't have to be the person that is suspect in the beginning, there is a reason for data mining. Having someone / something snoop all data they can get a hold of in the hopes that they find something they can use. Whether it is actually usable or relevant doesn't matter.

Re:what's the problem? (1)

NotSanguine (1917456) | more than 2 years ago | (#38243390)

The government should not be able to access the records of any business and or any citizens without the correct due process that is afforded not only by our constitution, but also by the laws of the business' / citizen's country of residence.

FTFY

Re:what's the problem? (1)

Aryden (1872756) | more than 2 years ago | (#38243480)

Thanks, train of thought derailed halfway through that sentence.

Re:what's the problem? (0)

Anonymous Coward | more than 2 years ago | (#38242916)

> implying that selfish corruption of any given individual in Law Enforcement is impossible at the Federal Level, and perhaps especially impossible within the United States.

> implying that any imbalance of power, any power differential could never possibly, will never EVER be abused.

Good luck with that.

Checks and Balances, my friend. We have them for a reason.

Re:what's the problem? (0)

Anonymous Coward | more than 2 years ago | (#38243038)

So prove that this HAS been abused or shut up. You idiots are the reason people people label those against these laws as privacy "nuts". Foaming at the mouth at everything doesn't help your case.

Re:what's the problem? (1)

clonehappy (655530) | more than 2 years ago | (#38243352)

Posted by an AC. Priceless.

Re:what's the problem? (1)

HarrySquatter (1698416) | more than 2 years ago | (#38243532)

Posted by someone who also uses an internet pseudonym. Priceless.

Re:what's the problem? (0)

Anonymous Coward | more than 2 years ago | (#38242998)

I don't see the issue. Unless your using the cloud to store kiddy porn, your terrorism plots, or other illegal shit why do you care? The lady doth protest too much, methinks.

This is the classic apologist argument for fascism:

"If you're not doing anything illegal, what have you got to hide?"

Re:what's the problem? (4, Insightful)

bmo (77928) | more than 2 years ago | (#38243288)

The fascists rely on the Just World fallacy to back up their arguments.

The world is just. Shit happens to you because you did something wrong.

It's a load of horse-shit.

--
BMO

Re:what's the problem? (2)

NotSanguine (1917456) | more than 2 years ago | (#38243632)

I used to think it was awful that life was so unfair. Then I thought, wouldn't it be much worse if life were fair, and all the terrible things that happen to us come because we actually deserve them? So, now I take great comfort in the general hostility and unfairness of the universe.

--JMS

Re:what's the problem? (4, Informative)

NotSanguine (1917456) | more than 2 years ago | (#38243270)

I don't see the issue. Unless your using the cloud to store kiddy porn, your terrorism plots, or other illegal shit why do you care? The lady doth protest too much, methinks.

Because my payroll records, confidential company databases/documents, strategic plans, company emails and other stuff isn't anyone else's business even if there's nothing illegal immoral or fattening about them.

Are you really a moron, or do you just play one on /.?

Re:what's the problem? (2)

HarrySquatter (1698416) | more than 2 years ago | (#38243484)

Why are you storing confidential data on a server controlled by someone else? That's a dumb idea even without this law existing.

This all seems to be in order... (0)

Anonymous Coward | more than 2 years ago | (#38242460)

Well, at least their fear mongering seems to be accurate. Is it really FUD if it's true, or maybe it's just a good reminder that we used to feel a little more secure in the privacy of our thoughts and data.

lol (2)

Loopy (41728) | more than 2 years ago | (#38242474)

If people think their own government security/spy agencies aren't hacking (or coercing their way) into their own (non-US) infrastructure, then that's more a statement about their own gullibility than those mean, nasty Americans and their dastardly Patriot Act.

Re:lol (0)

Anonymous Coward | more than 2 years ago | (#38242566)

My country's cops can't even read email headers. I can't imagine them hacking into anything. I mean, intellectually, I know they must have a few good people on the payroll somewhere, but they sure aren't in evidence.

Re:lol (1)

forkfail (228161) | more than 2 years ago | (#38242574)

Difference is that we, like China, have declared that our secret police have carte blanche to examine your data.

Re:lol (1)

ColdWetDog (752185) | more than 2 years ago | (#38242626)

Yeah. I'm trying to figure out just who anybody would trust as a cloud provider for sensitive data outside the US. Great Britain? France? Turkmenistan? If international 'cloud' providers are bringing this up then pot, meet kettle.

Really, we've been about this time and time again. Some stuff you can put in 'the cloud'. Other stuff ought to be locked in your basement. Your own basement.

Re:lol (0)

Anonymous Coward | more than 2 years ago | (#38242936)

Canadian (fully owned and operated only) businesses.

We have pretty much the same laws, rules, and lifestyle as the US but without the Patriot Act (Well, for now, Harper can't seem to keep his lips off {President of the day in US}'s Ass so this is probably going to change in the next 2-3 years)

I really don't like the US anymore, I haven't even bothered to get my family passports as I have no intention of ever going there with them... I'm only 3 hrs from the border but just don't like the idea of traveling there at all. I stick to Visiting other parts of Canada now (note, I used to go to the US almost monthly before the Patriot Act and the requirement to have a passport (I have my passport but it's one more thing to bring, secure, maintain, etc)).

You know what? I don't really feel like I'm missing anything either... once my kids are old enough I will get them passports as I am looking forward to taking them to some museums in England though. Maybe the US tantrums will be over by then and it'll be reasonable to go there and I can check out a few tourists traps there... nah, I think it's only downhill from here :(

Who puts sensitive data offsite unencrypted? (0)

Anonymous Coward | more than 2 years ago | (#38242570)

If your data gets accessed without your knowledge or consent then it is your own fault.

Laughable (4, Interesting)

koan (80826) | more than 2 years ago | (#38242572)

The "cloud" analogy always seemed like "newspeak" to me, designed to get the customer to NOT think about where their data is "Don't worry we will take care of it" while their data is sitting on some cheesy server with questionable security practices and the usual disgruntled suspects.

Seriously what next? A service to wipe your ass because you can't be bothered? (note to self research iPhone controlled bidet)

Since it still has to sit on a server somewhere it might as well be your own server then deploy software that makes it accessible to you on the road, in addition how many jobs does this destroy for IT personal, some of the few decent paying jobs left in the USA.

To me the "cloud" is as ridiculous as Facebook, if you're stupid enough to put your data on FB you deserve what you get.

Re:Laughable (3, Funny)

drooling-dog (189103) | more than 2 years ago | (#38242910)

The "cloud" analogy always seemed like "newspeak" to me, designed to get the customer to NOT think about where their data is

Whenever I say "the cloud", I have to wave my arms around and look at the ceiling. I just can't help myself.

Re:Laughable (1)

johnkoer (163434) | more than 2 years ago | (#38242954)

note to self research iPhone controlled bidet

Not quite an iphone, but one with a remote control [amazon.com]

Can I get a... (0)

Anonymous Coward | more than 2 years ago | (#38242580)

USA! USA! USA!

We're MUCH safer then the other guy... TRUST us... (4, Insightful)

zarmanto (884704) | more than 2 years ago | (#38242586)

Salesman: "That's right, since we don't operate within the borders of those capitalist pig Americans, we're way more trustworthy then them... We absolutely promise that we'll never give away your data to the US government, no matter how many times they ask us.
Customer: That's great... but what about your own government? Do you ever give data up to them?
Salesman: Huh? Well, of course not! At least, not without a court order, anyway... or a law which says we have to for some reason.
Customer: Ah... So how is that different from the US based companies again?
Salesman: Ummm... but... capitalist pigs... ummm...
Customer: I see. Well, this has been very illuminating indeed. I'll get back to you on my decision real soon.
Salesman: ............... Wait... what just happened?

Re:We're MUCH safer then the other guy... TRUST us (5, Informative)

forkfail (228161) | more than 2 years ago | (#38242660)

Except that said US court orders can be executed by a secret court with no oversight. Pretty much like China's.

Canada Too.. (4, Informative)

codegen (103601) | more than 2 years ago | (#38243262)

You miss the point. The point is the jurisdiction of the court. Both Europe(and Canada) have data protection laws that say that you cannot divulge certain classes of data without a court order. And it has to be a European (resp. Canadian) court that allows you to give up the information. If you store the data in another jurisdiction where another court can order the data to be divulged, then you have a problem. Because the moment that the cloud service obeys a court order from the other jurisdiction and discloses some of your data, you are in breach of the law in your jurisdiction. The sticking point in the case of the U.S. Patriot Act is that the US government can demand the data without any court oversight and in addition prevent the cloud service from notifying you that the data was disclosed. There have been several controversies here in Canada, specifically in the area of health and student information. One of the provincial governments wanted to outsource some of the government health plan data management to a U.S. company (the lowest bidder). It was effectively stopped because they could not guarantee that someone would not use a U.S. court to order the data management company to disclose the health information of a Canadian citizen in the US. As a result, the data had to remain in Canada, and the US company did not get the contract. Similarly, student information at Canadian Universities has been an issue. I am a professor, and I cannot legally put a spreadsheet with student marks or any other student information in dropbox or on any cloud service that stores the data in the U.S. Just this month, I was approached by a web based application provider that wanted me to use their web app in our classes. But the web app stored all of the data in Amazon EC2. I had to tell them that the best I could do is inform the students that the app existed and disclose the fact that their data would exist outside of Canadian jurisdiction, but under such circumstances, we could not formally adopt the software for the course. We can't require the student to student to store data outside of Canadian jurisdiction as a condition of getting the degree (i.e. completing assignments, and passing the course). Any European company is going to be in a similar bind. While the Data Safe Harbour is supposed to provide an out. But it depends on the extent to which the European governments want to make a stink if the US government goes after the European data held by US companies. Even if the government doesn't make a stink, the nightmare of a European company would be the PR disaster of client data being revealed because of court action in the US.

EP!t! (-1)

Anonymous Coward | more than 2 years ago | (#38242728)

th3re arE

Pet my pee pee! (-1)

Anonymous Coward | more than 2 years ago | (#38242796)


Soft Kitty,

Warm Kitty,

Little ball of fur.

Happy Kitty,

Sleepy Kitty,

purr purr purr.

Very real issue (5, Informative)

dave562 (969951) | more than 2 years ago | (#38242904)

We deal with this on a daily basis. Our clients (large Fortune 500 corporations) are requesting that we do not store data in the US. I personally think it has more to do with the fact that they are up to shady financial maneuvers than terrorism, but the end result is the same. It is just another nail in the economic coffin of the United States. The oft claimed, "It is too expensive/risky to do business in the States" rears its ugly head again.

The article talks about "cloud" providers, which we are not. We are more of a SaaS shop, but the regulatory challenges are the same. It all comes down to the client wanting to feel like their data is safe, and that they will have some expectation of privacy. With the United States government declaring the right to come in and seize data (the life blood of any company in this day and age) without any form of real due process, corporations are deciding that they do not want to subject themselves to that unnecessary liability.

It's true (4, Informative)

Baldrake (776287) | more than 2 years ago | (#38242906)

I work at a 2,000 person organization outside the US. The institution has formally adopted a policy that no sensitive data can be hosted in the US, precisely due to the Patriot Act.

Don't look for logic in this. They would rather we use a server sitting under some IT guy's desk than use, say, DropBox, which is based on encrypted S3 storage. But perceptions are everything.

Dropbox encrypted? (4, Informative)

codegen (103601) | more than 2 years ago | (#38243412)

This has come up in the past. While dropbox uses S3 for the base encryption layer, the staff at dropbox have access to the encryption keys. In fact because of a FTC complaint [wired.com] dropbox had to change the terms of use as explained on their blog [dropbox.com] To clearly indicate that while the contents are encrypted, that dropbox staff still have access to be able to comply with the US justice system. And the US can order the dropbox to disclose the data without telling you that the data was disclosed. At least if the courts come after the data in the server sitting under some IT guy's desk, you will know about it.

Re:It's true (1)

LilWolf (847434) | more than 2 years ago | (#38243518)

Given the security problems DropBox has had, no sane person let alone corporation would use it for anything remotely important.

Attn: Soulskill Post Is In the Wrong Department (2)

sehlat (180760) | more than 2 years ago | (#38242908)

Should be the "All Your Data Are Belong To Us" department.

Cloud computing is pie in the sky (3, Interesting)

babboo65 (1437157) | more than 2 years ago | (#38242912)

This will show who's asleep at the wheel. All the services offering SaaS and Cloud-based services including anti-virus, mail storage, NAS, vulnerability management, the list grows - come at a cost. Namely who are the vendors and who are the customers? When a business had all their enterprise servers on-site there was no question who managed, maintained, and monitored the data at rest or in motion. Now, if a company (and what happens if the "company" is a hospital or retailer having to meet auditory compliance) used a cloud-based service offering they have no way of knowing who is managing, monitoring, maintaining or accessing their data. This is off-shore outsourcing gone awry. It may make sense briefly on the bottom-line, but the bean counters are not considering the extended costs of security and vulnerability. Put your trusted data in someone else's hands and you are assuming they are just as, if not more, safe as you would be.

Re:Cloud computing is pie in the sky (1)

clonehappy (655530) | more than 2 years ago | (#38243500)

Thing is, no one really cares. Especially in areas with "auditory compliance". The bottom line is all that matters, and now that most industries have a revolving door between their regulatory agencies and their own personnel departments, it's one big profit orgy at the expense of the middle class. We're really entering an era of pure capitalism, but only for the insiders. Everyone else is run out of business buy the bought-and-paid for regulators. Crony capitalism: It's not just for Wall Street anymore. So if you think any of these people really give one good god damn about the security of your personal information, think again. HIPAA is to your health information what the USAPATRIOT act is to terrorism. Security theatre.

Please help meeee (0)

M0j0_j0j0 (1250800) | more than 2 years ago | (#38242914)

Quick i need assistance, i step into this article today, use the stamina, right in the heart: "Cloud computing is a transformational model for delivering IT Services. Replacing the rigid boundaries of traditional IT infrastructure with the elasticity of the cloud give businesses the agility to quickly react to rapid changes in demand and better serve their customers. "

Correction... (1)

TallDarkMan (1073350) | more than 2 years ago | (#38242968)

Put your data on a U.S.-based cloud, they warn, and you may just put it in the hands of the U.S. government.

Try "Put your data on a U.S.-based cloud, they warn, and you WILL put it in the hands of the U.S. government."

Blatent irony (1)

crutchy (1949900) | more than 2 years ago | (#38243248)

Re: "But competitors overseas are using it as a way to discourage foreign countries from signing on with U.S. cloud computing providers like Google and Microsoft"

I'm sure Microsoft and Google are the innocent victims here... not guilty of any sorts of anti-competitive practices at all :)

We'll fix this in a jiffy! (1)

frank_adrian314159 (469671) | more than 2 years ago | (#38243258)

We'll just amend the law so that our honored corporate personages are no longer subject to these ignominities while keeping our human scum personages subjugated to the full extent of our data-searching wrath! After all, corporations never support illegal activities, but humans? You can't trust them any farther than you can throw them (or bomb them, or lock them up, etc.).

Private Cloud Computing (0)

Anonymous Coward | more than 2 years ago | (#38243284)

Host it anywhere, http://cloudi.org

But... (0)

Anonymous Coward | more than 2 years ago | (#38243448)

"But competitors overseas are using it as a way to discourage foreign countries from signing on with U.S. cloud computing providers like Google and Microsoft: Put your data on a U.S.-based cloud, they warn, and you may just put it in the hands of the U.S. government.'"" All while lying through their teeth when they say they won't provide legally requested info...much less that their own governments are doing the same as the US.

FUD

ECHELON and Room 641A (1)

Mojo66 (1131579) | more than 2 years ago | (#38243454)

Anyone remember ECHELON [wikipedia.org] . The US spying on its own allies is not an issue since 9/11 and the Patriot Act. The Patriot Act and 9/11 just gave them a new ground to put political pressure on the EU (see also airline passenger data and SWIFT) after the cold war was over. Is there anything similar to Room 641A [wikipedia.org] in the EU? The US demanding all kinds of intelligence data from the EU would maybe Ok provided that the deal would be mutual. But does the EU get US airline passenger data? No. Does the EU get US bank transfer information? No.

So why should we trust the US?

Re:ECHELON and Room 641A (0)

Anonymous Coward | more than 2 years ago | (#38243700)

Don't forget the fingerprinting all visitors to the USA.

You F41l It (-1, Flamebait)

Anonymous Coward | more than 2 years ago | (#38243560)

and Suggesting They learn from our or make loud noises OS. No3 BSDI is ink splashes across DOG THAT IT IS. IT

Pun Intended (1)

colsandurz45 (1314477) | more than 2 years ago | (#38243866)

Pun Intended

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>