Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Researchers: PATRIOT Act Can 'Obtain' Data In Europe

Soulskill posted about a year and a half ago | from the otherwise-the-terrists-win dept.

Cloud 133

An anonymous reader writes "U.S. law enforcement and intelligence services can use the PATRIOT Act/FISA to 'obtain' EU-stored data for snooping, mining and analysis, despite strong EU data and privacy laws, according to a recent research paper. One of the paper's authors, Axel Arnbak, said, 'Most cloud providers, and certainly the market leaders, fall within the U.S. jurisdiction either because they are U.S. companies or conduct systematic business in the U.S. In particular, the Foreign Intelligence Surveillance Amendments (FISA) Act makes it easy for U.S. authorities to circumvent local government institutions and mandate direct and easy access to cloud data belonging to non-Americans living outside the U.S., with little or no transparency obligations for such practices -- not even the number of actual requests.' Arnback added, 'These laws, including the Patriot Act, apply as soon as a cloud service conducts systematic business in the United States. It's a widely held misconception that data actually has to be stored on servers physically located in the U.S.'"

cancel ×

133 comments

Sorry! There are no comments related to the filter you selected.

Same applies elsewhere? (4, Interesting)

Intrepid imaginaut (1970940) | about a year and a half ago | (#42190659)

I guess the same thing applies elsewhere too, like China or Saudi Arabia. If a company wants to conduct business in a country it has to comply with the laws of the country. The main difference is the US is such a huge market that most companies would rather hand over the data than be shut out of it. In a situation where the laws of two different large markets are in direct conflict, it probably becomes a question of "can we get away with it".

Re:Same applies elsewhere? (1)

Chatterton (228704) | about a year and a half ago | (#42190697)

Could they encrypt they data? And only a subsidiary who only work for the provider have the keys? That way, they can ask the datas, but not the keys because the company holding the keys doesn't work in the states...

Re:Same applies elsewhere? (3, Interesting)

RobertLTux (260313) | about a year and a half ago | (#42190905)

and then be accused of having ties to Terrorists/ Child Slavery/Whatever and then everything held by the company remotely "US based" gets seized.

Re:Same applies elsewhere? (1)

Anonymous Coward | about a year and a half ago | (#42191385)

Could they encrypt they data? And only a subsidiary who only work for the provider have the keys? That way, they can ask the datas, but not the keys because the company holding the keys doesn't work in the states...

Subsidiaries work fine against civil claims, but they are not effective against this sort of criminal law. The US can apply great pressure on the people who run the US holding company to get the data for them. The board of the subsidiary will normally be made up of people from the holding company. Even if it isn't, because the board of the holding company control the shares of the subsidiary, they can replace the subsidiary's directors.

You could put your faith in the local subsidiary staff to resist any requests from head office that are illegal under local law. However this has several flaws. Head office may give a better reason for the request other than "we are getting pressured under the Patriot act" so the true use of the data in the US may not be known. The subsidiary is likely to rely on software and services from head office, so that is another avenue for access. Lastly, consider how effective social engineering attacks by outsiders are - imagine how effective a social engineering attack could be from somebody who really is far more senior than anyone in the subsidiary.

This isn't a detailed legal analysis, of course, but I would have no more expect that a US company could put data beyond the reach of the Patriot Act by putting it into a subsidiary than I would expect that they could simply transfer the proceeds of crime into a subsidiary and put it beyond the reach of forfeiture.

Re:Same applies elsewhere? (1)

hawguy (1600213) | about a year and a half ago | (#42192135)

Could they encrypt they data? And only a subsidiary who only work for the provider have the keys? That way, they can ask the datas, but not the keys because the company holding the keys doesn't work in the states...

Rather than handing the keys over to the hosting company, the company should hold their own encryption keys - then no one can access their data without permission, not even the hosting company. (well at least not data at rest - the hosting company can still intercept web traffic, scrape server memory, etc).

Re:Same applies elsewhere? (2)

rapiddescent (572442) | about a year and a half ago | (#42192457)

A large UK based multi-national org that I've worked for has the exact problem of hosting all its data centres in the USA. The big problem is that there are USA laws that apply that there is no equivalent in the UK/EU and there are contradictory laws where a lawyer would just choose the best jurisdiction. With-holding keys would be an offence under UK law (RIPA) but not under USA law.

e.g. in the UK, Freedom of Information only applies to government entities.

So, If a UK consumer (who knew the data was hosted in the USA) wished to find out information that extends further than a DSIR [ico.gov.uk] they could get a US Attorney to do a FOI request [state.gov] at the US host and get information that normally they could not get at an EU host.

Re:Same applies elsewhere? (2, Interesting)

Anonymous Coward | about a year and a half ago | (#42190723)

So, uh, what about complying with EU laws by not handing over the data to America?

Re: Same applies elsewhere? (1)

Chatterton (228704) | about a year and a half ago | (#42190819)

Then the US will ask your extradition to be judged for helping a terrorist organisation by not providing them the requested datas.... Whatever you do, you are fucked :-/

Re: Same applies elsewhere? (1)

Alain Williams (2972) | about a year and a half ago | (#42193057)

But at least the extradiction request would have to be made in the open -- so it could not be done in secret as can be done under the patriot act. If enough fuss is made then local (non USA) politicians might get enough complains to do something about it.

Re:Same applies elsewhere? (0, Insightful)

Anonymous Coward | about a year and a half ago | (#42190803)

I guess the same thing applies elsewhere too, like China or Saudi Arabia. If a company wants to conduct business in a country it has to comply with the laws of the country. The main difference is the US is such a huge market that most companies would rather hand over the data than be shut out of it. In a situation where the laws of two different large markets are in direct conflict, it probably becomes a question of "can we get away with it".

Well, considering that EU is a larger market than the US I would say that we already are at your last point.
US tells companies to hand over the data and the EU tells them not to. It's much easier to verify that the data has been handed over than it is to verify that it hasn't. The way out is to hand over the data silently and hope that EU doesn't find out.

Re:Same applies elsewhere? (1)

Zemran (3101) | about a year and a half ago | (#42191195)

China is a bigger market and American companies are just as prepared to do business there regardless of the implications. The more we extend our laws the less argument we have when someone is arrested on a business trip to China* and put in some hell hole for something that they did not realise was illegal.

*For China, also read Saudi, Russia etc.

Re:Same applies elsewhere? (0)

Anonymous Coward | about a year and a half ago | (#42191219)

So, the FBI could storm into Google's offices in London, and seize the records of millions of Britons, and it'd ostensibly be completely legal because they do business in the US.

So are you suggesting that China could storm into Google's offices in San Francisco and seize the records of millions of Americans?

Re:Same applies elsewhere? (1)

NatasRevol (731260) | about a year and a half ago | (#42191757)

Yes.

No*

*Not until they pass a similar PATRIOT Act.

But then, that's why we haven't done it to China companies. Because the blowback would get messy. EU companies are already our bitch.

Take a look at extradition laws (0)

Anonymous Coward | about a year and a half ago | (#42191979)

Or indeed international law.

USA: Only if we want it to apply will it.

The USA will not allow a company to give China data.

The USA will not allow a company to withold data to them.

It's called hypocrisy.

So what we learn from this is.... (5, Insightful)

stiggle (649614) | about a year and a half ago | (#42190665)

Host your own data. Do not trust the cloud.

Re:So what we learn from this is.... (1)

OzPeter (195038) | about a year and a half ago | (#42190891)

Host your own data. Do not trust the cloud.

Hosting your own data isn't hard to do. What I see as more of an issue is how do you build and host your own Internet? (and ensure that only people you "trust" get access to it).

It is called a "Virtual Private Network" (0)

Anonymous Coward | about a year and a half ago | (#42190959)

It is called a "Virtual Private Network", or VPN for short... :)

Re:So what we learn from this is.... (1)

edrawr (1572199) | about a year and a half ago | (#42193901)

With the proliferation of MPLS networks, this would not be all that hard to do on an organizational level. Host your servers in [Generic Non-Extradition Country] and link all of your sites/users via MPLS or VPN to your MPLS network, as well as any other "trusted" entities.

Re:So what we learn from this is.... (5, Informative)

captainpanic (1173915) | about a year and a half ago | (#42190939)

In the Netherlands, we want to host our own data. Some want to build a national database for medical data. However, an American company is developing the software - so that might be enough for the Americans to demand access to whatever is put on that database.

So, essentially, when any US based company deals with another third party, all the data of this third party does is now declared property of the US.

This was front page news just a week ago. Not a really good advertisement for US based software developers. For the record, the project manager (who is Dutch) denies that the Americans would get access. And I guess that under the Patriot Act it is also illegal to claim that the US is snooping around. So, for the record, I deny writing this post, since this is hosted on an American server - or at least maintained by people who create American-centric polls.

Source in Dutch: http://www.metronieuws.nl/nieuws/beheerder-patientendossier-vreest-patriot-act-niet/IWIlkD!AQnwumcZSKxKeH8VP9BZwQ/ [metronieuws.nl]

Re:So what we learn from this is.... (0)

Anonymous Coward | about a year and a half ago | (#42190957)

The cloud does offer lots of advantages. I am concerned with the trend of moving data away from the physical devices we own, however. It sometimes seems more of a limitation than advantage since access to a "cloud" typically requires permission of a third party.

Re:So what we learn from this is.... (4, Insightful)

OzPeter (195038) | about a year and a half ago | (#42191445)

The cloud does offer lots of advantages.

I can't remember where I saw it, but someone suggested that wherever you see the phrase "the cloud", replace it with "someone else's computer" and see how that changes the context.

What was that about nefarious UN? (1)

Anonymous Coward | about a year and a half ago | (#42190671)

This is the government CURRENTLY in charge of the freedom of the internet.

Apparently that means "your data is free to US"...

Re:What was that about nefarious UN? (3, Funny)

Anonymous Coward | about a year and a half ago | (#42190753)

It clearly says "All your data are belong to US".

Not all of Europe (1)

Anonymous Coward | about a year and a half ago | (#42190675)

How about Kalingrad, Russia [google.com] ?

Re:Not all of Europe (1)

Zemran (3101) | about a year and a half ago | (#42191229)

... or even Moscow, which is also in Europe.

Re:Not all of Europe (2)

Teun (17872) | about a year and a half ago | (#42191311)

I'm sure when an article mentions European (privacy) law the implication is we're talking about European Union law.

two edged blade (0)

Anonymous Coward | about a year and a half ago | (#42190683)

I wonder how long till China will put in place the same "international laws" to happily spy upon the oh-so-high-and-might America ?

Re:two edged blade (1)

craigminah (1885846) | about a year and a half ago | (#42190903)

That's why we don't store our data in a cloud hosted in China...

Re:two edged blade (1)

dk90406 (797452) | about a year and a half ago | (#42190979)

According to TFA, it does not matter where the data is stored. It matters if you do business with the country issuing the law...
Of course, almost no US companies does business with China, so no worries there.

Re:two edged blade (2)

gstoddart (321705) | about a year and a half ago | (#42191107)

It matters if you do business with the country issuing the law...
Of course, almost no US companies does business with China, so no worries there.

So, when China or someone else passes a similar law, the US will accept that their companies have to hand over the data to the local government because that's how it works?

Or will they basically say their laws and interests trumps everybody else's, and too bad? Because I can't see other sovereign nations accepting that.

Re:two edged blade (1)

dk90406 (797452) | about a year and a half ago | (#42191191)

No, the US would not accept that at all. Neither does Europe.

US companies may however be more willing to secretly break EU law by handing data to US, than breaking US law by handing data to China...
All this is theoretical, based on a research paper. If proof surfaces that Amazon, Google et al. passes European Data to the US Governemnt against EU privacy regulations, it would be headline stuff for a long time, weeks and have huge international diplomatic and business repercussions.

Re:two edged blade (0)

Anonymous Coward | about a year and a half ago | (#42191789)

Europe already has accepted it, for years now.

Just another reason.... (0)

Anonymous Coward | about a year and a half ago | (#42190685)

To NOT put your private/important data in the mighty cloud.

Bullshit (4, Interesting)

Rakshasa-sensei (533725) | about a year and a half ago | (#42190701)

The EU Data Protection Directive is very specific on this issue; the hosting/cloud company can only locate the data in the US, or even transmit it there, if there is an explicit guarantee that the data has the same level of protection.

Basically yes, the US could use the Patriot Act to obtain protected EU data from US-based companies. And yes, the company would then have broken the EU directive and would face the courts.

Re:Bullshit (3, Interesting)

Thiez (1281866) | about a year and a half ago | (#42190789)

> And yes, the company would then have broken the EU directive and would face the courts.

How would the EU courts find out?

Re:Bullshit (3, Insightful)

Rogerborg (306625) | about a year and a half ago | (#42190853)

Indeed, don't these demands tends to come with "and if you tell anyone we've asked, you win a free one way trip to Guantanamo Bay" condition attached?

Re:Bullshit (0)

Anonymous Coward | about a year and a half ago | (#42191923)

National Security Letter.

Re:Bullshit (2)

Meneth (872868) | about a year and a half ago | (#42190881)

> And yes, the company would then have broken the EU directive and would face the courts.

How would the EU courts find out?

They wouldn't.

Re:Bullshit (1)

delt0r (999393) | about a year and a half ago | (#42190987)

Then how can the US use the information?

Re:Bullshit (2)

Rakshasa-sensei (533725) | about a year and a half ago | (#42191357)

Cause the top guy in the EU subsidiary, and every single person in the chain down to the guy who gave access to the US, would not mind spending time in jail? Either the top guy knows, or someone else is getting screwed, so someone is going to cover their ass and tell.

And they're all, more than likely, living in the Europe so the prospect of being wanted in the US versus being in jail in the EU should be an easy choice.

Re:Bullshit (2)

Alain Williams (2972) | about a year and a half ago | (#42193095)

I wonder if you could claim polical assylum in your own country to stop yourself being extradicted to the USA ?

Re:Bullshit (1)

mrbester (200927) | about a year and a half ago | (#42191175)

Because it is the law to disclose when that data leaves the EU. So you either break EU law twice or EU and US law once each. Nice choice. One way can get your company fined into oblivion, the other goes after personnel and (allegedly) imprisons them. Guess which will be chosen.

Re: with a Warrant Canary (1)

enselsharon (968932) | about a year and a half ago | (#42193073)

My storage provider maintains a warrant canary:

http://www.rsync.net/resources/notices/canary.txt [rsync.net] ... and since my account is in Zurich, I check the local copy there.

Re:Bullshit (0)

Anonymous Coward | about a year and a half ago | (#42190857)

The problem is, how would we know? The FISA espcecially doesn't require any book keeping or informing the clients that data has been looked into.

The real problem here is Megaupload. Where the US declared that a company falls within it juristiction even if no data is kept there, as long as there are 'ties' to the US. It's very vague and in principle _everything_ could be tied to the US. (Your .com hostname is on a US DNS server for example)

This means, even if your cloud company does not keep data on server in the US, but only in the EU, the US government could _still_ legally compell the cloud service to provide the data of the EU servers under law.

There's the real problem. And nobody has to inform the EU or the companies who own the data.

Re:Bullshit (1)

arendjr (673589) | about a year and a half ago | (#42190859)

It's not bullshit at all. But yes, the Data Protection Directive makes it very hard for companies to comply with both PATRIOT and the DPD. In other words, many US companies are excluded by default from providing cloud services to many European agencies.

Re:Bullshit (5, Insightful)

gstoddart (321705) | about a year and a half ago | (#42191027)

But yes, the Data Protection Directive makes it very hard for companies to comply with both PATRIOT and the DPD.

No, it makes it impossible. the PATRIOT act says "no matter what local laws say, you are obligated to do this" ... the data protection in other countries says "you are absolutely required to not do that".

Basically, the Americans are saying their laws trumps everybody else, and the cost of doing "systematic business in the United States" is that their laws trump everybody else.

Sadly, the US has decided that, the laws of other countries be damned, if you do enough business here you have to do what we say.

Yet another example of how the US is declining into a xenophobic country, who has no intention of playing nicely with everybody else -- and American businesses might suddenly find themselves as unwelcome entities around the world as you pointed out. (Which of course they would probably go to the WTO or say "Waahh, you won't let us play in your sandbox" to try to force those countries to allow American companies to do business despite the fact that they essentially can't be trusted.)

Essentially the only choice is to treat American owned companies as if they're agents of a hostile, totalitarian state -- because if any other country passed a law that said "if you do systematic business here, you must hand over your data to our government", the US would be up in arms talking about the freedoms they're not prepared to extend to other countries.

I know here in Canada, US owned companies are precluded from some government contracts for this very reason, and pretty much all cloud providers which could host data there are not legally allowed because they open the risk of sensitive data being handed to the Americans without anybody knowing.

I think this will pretty much be the point at which a lot of these US companies who could be in this position will suddenly start finding a lot of doors closed in their face with a "Oh, sorry, since we can't trust you or your government, you can't come in".

Re:Bullshit (2)

drinkypoo (153816) | about a year and a half ago | (#42191343)

Yet another example of how the US is declining into a xenophobic country, who has no intention of playing nicely with everybody else

Declining into? You haven't read about the history of United Fruit Company, have you? I recommend Bananas (the book, not the fruit, though the fruit is delicious.)

Re:Bullshit (0)

Anonymous Coward | about a year and a half ago | (#42191413)

Or this could be interpreted as the cost upon a company of fulfilling a PATRIOT act request upon data that is controlled under the EU Data Directive is the cost of extraction + getting fined by the EU and potentially disallowed from trading with EU countries. If a response to a request by the USA government is, "You do realise that if we do this we may have to stop trading in Europe?" It is then up to the USA to decide if screwing over one of their own companies is worth the data they may potentially gain.

Re:Bullshit (1)

Anonymous Coward | about a year and a half ago | (#42191459)

As one of 'the Americans', I'd like to apologize for the theft of Canadian data. I can say with confidence that most of us don't want your data. It is unfortunate that a small but powerful segment of our population have done this in the name of us all.

Re:Bullshit (2)

Thaelon (250687) | about a year and a half ago | (#42191729)

Essentially the only choice is to treat American owned companies as if they're agents of a hostile, totalitarian state

As if?

Re:Bullshit (0)

kenorland (2691677) | about a year and a half ago | (#42192079)

Basically, the Americans are saying their laws trumps everybody else, and the cost of doing "systematic business in the United States" is that their laws trump everybody else. Sadly, the US has decided that, the laws of other countries be damned, if you do enough business here you have to do what we say.

Yes, if you do business in the US (any business) you need to comply with US law. It works the same for Europe and other places. The only difference is that the US market is so important that companies can't ignore it, but that's not America's fault, and the US is under no obligation to weaken its laws just because Europeans can't get their act together on competitiveness.

Re:Bullshit (3, Insightful)

NatasRevol (731260) | about a year and a half ago | (#42192531)

Wow, that's seriously missing the discussion.

Do US laws apply to EU companies, IN the EU, just because they have a US branch?

No, they don't. Even if the US thinks they do.

Just in case you're unclear, try switching the US and the EU, see how that feels.

Re:Bullshit (0)

kenorland (2691677) | about a year and a half ago | (#42194125)

Do US laws apply to EU companies, IN the EU, just because they have a US branch?

Yes, they do, because if they have a US branch, the US can enforce judgments against those companies. That's how laws and jurisdictions work. It works the other way around too.

Just in case you're unclear, try switching the US and the EU, see how that feels.

You mean, the kind of self-serving arrogance with which Europeans have been imposing their cultures, languages, laws, and businesses on the rest world since the 15th century? I don't need to imagine, it's in the history books.

Re:Bullshit (1)

fredprado (2569351) | about a year and a half ago | (#42192603)

Sorry, but no other country tries to extend their laws outside their borders as US does. US seems to think that their laws trump any local laws of any other country whenever they see fit. That is a delusion of grandeur that may still prove to be its downfall.

Re:Bullshit (1)

dank zappingly (975064) | about a year and a half ago | (#42192165)

I see a lot of criticism with regard to the Patriot Act, but a lot of it is due to misinformation and it isn't going to have a practical effect in most cases. The United States has mutual legal assistance treaties with other countries so unless you're storing your data in Venezuela, they'll probably be able to get it if terrorism is suspected. Canada has the Canadian Anti-Terrorism Act, which is very similar to the Patriot Act, except that no one ever talks about it. In the event that there is a bona fide suspicion of terrorism I don't think the U.S. would have trouble getting access to data in Canada, whether or not the Patriot Act existed.

Re:Bullshit (0)

Anonymous Coward | about a year and a half ago | (#42192637)

Pretty sure Canada isn't saying they can access any data in the US, just because a company has a Canadian branch.

Re:Bullshit (1)

Local ID10T (790134) | about a year and a half ago | (#42193009)

Exactly so. There are treaties which specifically require sharing of intelligence data with the USA (and other countries). These treaties are generally held to trump laws prohibiting the sharing of such data.

e.g.
-USA makes request of company x for data.

-Company x responds that it is not allowed to provide the data, per law y in country z.

-USA requests that country z provide exception to law y for company x regarding the requested data, per treaty.

-Country z tells company x to provide the data.

-Company x provides the data, and is prohibited from admitting publicly that it did so. National security requirements in the USA (and in the countries which signed these treaties with the USA) make doing otherwise an act of treason.

Re:Bullshit (1)

moronoxyd (1000371) | about a year and a half ago | (#42191367)

In other words, many US companies are excluded by default from providing cloud services to many European agencies.

The DPD should apply not only to European agencies but also citizen of a EU country.
So companioes like Dropbox should in theory not provide any service in the EU at all.

I personally am using German hosting providers that state that they only use server located in Germany/Europe.

Re:Bullshit (0)

Anonymous Coward | about a year and a half ago | (#42190999)

The only conclusion is that Europeans should not use American based cloud services, otherwise they are breaking the law.

Re:Bullshit (1)

Alarash (746254) | about a year and a half ago | (#42191117)

That'll be in a Terms of Service or EULA. Larger companies will have lawyers review those, not the average developer or citizen.

Amazon and Microsoft must love how that part of the Patriot Act fucks their business up. Many European companies, and 100% of the governments, won't subscribe to their service just because US can seize the content. Thanks for boosting our local economies by making it worthwhile for European companies (Thales, Dassault, Bull, Orange) to build their own cloud with no competition from the US.

Re:Bullshit (1)

Teun (17872) | about a year and a half ago | (#42191531)

This is the problem.

We use Concur, a US based company, to do our expenses and even travel arrangements.
We also do business in and with for example Cuba and until last year in Iran, something the US has laws against.
I can see one of our employees having visited Cuba and done his expense claim via Concur being stopped at some US airport.

With this in mind and the document to support it I'll use my authority as a works council member to advise the company seek legal advise and possibly to re-evaluate our contracts with US data hosters.

SWIFT says that's irrelevent (0)

Anonymous Coward | about a year and a half ago | (#42191971)

They broke the EU directive when SWIFT handed all Europes banking data to the USA and USA data mined it.

Then end result? The current EU Commissionner, simply pretended that he had the right to waive the privacy right and waived it. So we have the right of privacy, and there's strict laws, and if you break the laws? Well EU Commission will not enforce squat.

What about NSA Warrantless surveillance of USA citizens? Look what happened there. AT&T let them have direct taps onto everyone's data, Republicans gave them immunity when they got caught. Now they're free to hand over any data, regardless of privacy laws, knowing they can just get a political stoog into power, to give them immunity.

Why are my tax dollars beings .... (1)

3seas (184403) | about a year and a half ago | (#42190759)

.... spent on MAD magazine SPY vs. SPY real life acting outs..... Don't they realize its a comic and all abstract?

Cloud storage is public, deal with it (1)

medoc (90780) | about a year and a half ago | (#42190815)

If you store anything in "the cloud" without strong encryption then you're a moron anyway so who cares ?

Re:Cloud storage is public, deal with it (1)

3seas (184403) | about a year and a half ago | (#42190961)

your snail mail box is accessible by the public and so is your P.O.Box is on public property...

Something to think about.... Having your head in the cloud is no excuse... it only shows you need radar to see past the cloud.

Re:Cloud storage is public, deal with it (1)

colinrichardday (768814) | about a year and a half ago | (#42191569)

your snail mail box is accessible by the public and so is your P.O.Box is on public property..

Yrs, but it's inefficient for the government to get information by raiding PO boxes.

The only real solution (5, Insightful)

Aethedor (973725) | about a year and a half ago | (#42190831)

Don't do business with an American company or a company that has an office in the US if you plan to use its service to store sensitive information. This may sound a bit blunt, but for me it's the only proper answer to the patriot act.

NO real solution (1)

Errol backfiring (1280012) | about a year and a half ago | (#42193369)

I don't do any business with an American company. But my hospital does. It stores all my data in an Electronic Patient Record built by an American company and hosted St. Isidorus knows where. It was already in the news that all our electronic patient records are potentially unsafe because of American law.

In Other News.. (5, Insightful)

SuperCharlie (1068072) | about a year and a half ago | (#42190911)

The US can do whatever they feel like doing because Fuck You. rabble rabble terrorism..rabblerabble child porn rabblerabble security.

Get used to it... its gonna be a long and twisted road before this crap is over.

Re:In Other News.. (0)

jasper160 (2642717) | about a year and a half ago | (#42191177)

In the past 11 years Bush 2 and Bush 3 have decimated civil rights. With the current track record of congress and the commie in chief we should soon expect no privacy.

Re:In Other News.. (0)

Anonymous Coward | about a year and a half ago | (#42191329)

Really where have you been living? I've expect no privacy already.

Re:In Other News.. (1)

KozmoStevnNaut (630146) | about a year and a half ago | (#42191435)

Commie in chief? Really?

Really?

Come back when you can tell the difference between actual communism and "I disagree with some of his viewpoints".

Re:In Other News.. (2)

grenadeh (2734161) | about a year and a half ago | (#42192099)

Don't participate in arguments you're unqualified for. Communist? No. All his viewpoints? Wrong. They aren't even his viewpoints, Romney and Obama and even Clinton and Bush were and are all pawns controlled by globalists. Yea, not actual communism, no one understand what the actual concept of communism is of course. That doesn't excuse that he has done more damage than 16 years of Bush/Clinton combined (not that Clinton did too much, he actually had a budget surplus).

Re:In Other News.. (0)

Anonymous Coward | about a year and a half ago | (#42191489)

I see how much your man, Obama, has done to retract the Patriot Act? If you could vote for him again, you would, wouldn't you? So we go broke, and allow the totalitarian society to commence in full.

Briiliiant.

Re:In Other News.. (1)

jasper160 (2642717) | about a year and a half ago | (#42192983)

Obama=Bush 3. Neither was "my man"

Over? (1)

DarthVain (724186) | about a year and a half ago | (#42191317)

I like your optimism...

Re:In Other News.. (1)

retaj (1020999) | about a year and a half ago | (#42191415)

Somehow Congress passed a law which the president signed declaring that the US Secretary of Transportation can shield U.S. airlines from paying a carbon tax. I suppose we will provide a military escort when they refuse landing?

Re:In Other News.. (1)

PPH (736903) | about a year and a half ago | (#42193193)

Oh, they'll let you land all right. Taking off again is another matter.

Re:In Other News.. (2)

Thaelon (250687) | about a year and a half ago | (#42192003)

You are correct, but make no mistake, the reason the US will do whatever they feel like is because they have the world's most formidable military by a large margin. Which basically makes it the world's largest terrorist organization. What else do you call it when you have the biggest stick on the planet and the mere threat of it is enough to make other countries do as you please? It is textbook terrorism.

And you know that it is a totalitarian regime when millions of its citizens are out of work, homeless, starving, lacking medical care, etc, yet reducing the budget doublethink-named "Department of Defense" (complete with eight, going on 11 Nimitz class "floating fortresses") is never even considered. Hell, they would rather cut social reinvestment programs like fucking healthcare first!

The whole "but they cannot be a totalitarian regime because the government is controlled by two competing political parties" simply doesn't hold either. Both parties are largely funded by the same plutocracy. They cooperate on everything that benefits the plutocracy (tax cuts for the rich, bank bailout etc, taking on more national debt), and stall on everything that benefits the proletariat (healthcare reform, socialized medicine etc). Hell, the presidential debates have been jointly run by the two supposedly opposed parties for decades - which explains why you did not see the Green Party or Libertarian parties even represented at the 2012 Presidential debates, in fact, Jill Stein, the Green Party candidate was arrested and detained without due process by the Department of Homeland Security and the Secret Service for the political crime of trying to attend the debates for the political office she legally running for!

Do I even need to mention the NSA's Total Information program? The open mockery of the 4th Amendment that is the Transportation Security Administration? Or the Department of Homeland Security whose very existence ought to be redundant given that we already have an oversized military, a national guard, and a police force?

This country is so fucked, and the collapse is coming. It simply is not sustainable as is.

Re:In Other News.. (0)

Anonymous Coward | about a year and a half ago | (#42192219)

This country is so fucked, and the collapse is coming. It simply is not sustainable as is.

The Soviet Union took 70 years to crumble, and it was way way worse than modern day US.
So be prepared to wait a while, maybe your children or your grand children will witness the complete collapse of the US of A.

Re:In Other News.. (1)

Thaelon (250687) | about a year and a half ago | (#42192491)

The Soviet Union lacked the Internet to circumvent authoritarian propaganda. This is going to happen much, much quicker.

Re:In Other News.. (2)

kenorland (2691677) | about a year and a half ago | (#42192039)

The US can do whatever they feel like doing because Fuck You

Well, Europe dropped the ball in the 20th century, so it got stuck taking care of all these problems. If Europe doesn't like the way the US handles it, all it has to do is get its shit together.

Get used to it... its gonna be a long and twisted road before this crap is over.

Well, it sure beats the "crap" that was going on before. And the way things are going, this will be "over" when the US decides its over, given that Europe and Asia are far more aggressive in restricting the liberty and privacy of their citizens.

Re:In Other News.. (0)

Anonymous Coward | about a year and a half ago | (#42192235)

Not if you continue to destroy yourselves like that.

I don't think the US has more than 10 years before it descends into a Nazi Germany equivalent (Including the embargoes. The concentration camps and the surveillance are already there). 15 years before it’s a god state like Pakistan/Iran.
20-25 before it's a nuked wasteland with only troglodytes living there... cut off from the civilized world.

Dutch EMR initiative also susceptible (0)

Anonymous Coward | about a year and a half ago | (#42190921)

It was recently revealed that one of the companies that handles (some of?) the data for the controversial Dutch EMR (electronical medical record) initiative was US-based and probably also couldn't guarantee that it wouldn't be required to disclose data to the US gorvernment if requested under the PATRIOT act. So there was this big brouhaha about it and now they're finally seeing that US companies really can't be trusted due to this law. Also gives a pretty handy excuse to make sure no taxpayer money goes overseas, I guess :D

Consult with your own Legal Counsel (0)

Anonymous Coward | about a year and a half ago | (#42191135)

Our Canadian based organization is quite paranoid about the Patriot Act.

After much research, we discovered that most countries have similar over reaching laws, and that geographical location of data centers is not the only determinant, but the legal jurisdiction of associated parent companies.

Our non-cloud physical data centre is managed by a third party, who was recently bought out by an...american company. There were concerns about the Patriot Act, but our Legal Counsel considered the risk relatively low and not an issue.

YMMV. Let the lawyers do the lawyering.

Foreign Soil (1)

wisnoskij (1206448) | about a year and a half ago | (#42191521)

Europe is foreign soil, US law does not really care what you do outside of its jurisdiction.

Re:Foreign Soil (0)

Anonymous Coward | about a year and a half ago | (#42191895)

So, this is what total and complete delusion looks like.

Re:Foreign Soil (0)

Anonymous Coward | about a year and a half ago | (#42192037)

Europe is foreign soil, US law does not really care what you do outside of its jurisdiction.

Tell that to Richard O'Dwyer [wikipedia.org] .

Re:Foreign Soil (0)

Anonymous Coward | about a year and a half ago | (#42192785)

And the US jurisdiction is the whole world judging by its actions.

We finally need a complete embargo... (0)

Anonymous Coward | about a year and a half ago | (#42191655)

... on terror states like the US and Israel, just like on Iran, China, etc.

This is a clear declaration of war on European countries!

broken Patriot Act expiration promise (0)

Anonymous Coward | about a year and a half ago | (#42191773)

Wasn't the Partiot Act supposed to be a temporary measure and set to expire? Wasn't there a clear promise and haven't most of our honorable "representatives" also made those promises? I wonder how much more people can let themselves get screwed by the very same politicians that are supposed to represent our interests before speaking up.

Obvious (0)

Anonymous Coward | about a year and a half ago | (#42191997)

This seems really obvious.
The company should either make it so they can't look into your data (which they probably don't want), or they should host the data of each person in the country that person lives.
Or simply structure the company in such a way that a separate company that is not based in the US is responsible for the data of foreigners.
The same way they do this for tax purposes.
Of course, companies really don't give a shit about any of this and will just hand your data over, because what's in it for them?

so what? (1)

kenorland (2691677) | about a year and a half ago | (#42192005)

European authorities can get personal data on Americans under Europe's (rather bad) laws when that data is hosted on European servers.It's not America's fault that Europeans have, for the most part, failed to create online services that are attractive to people.

Re:so what? (0)

Anonymous Coward | about a year and a half ago | (#42192749)

European authorities can get personal data on Americans under Europe's (rather bad) laws when that data is hosted on European servers.

Utter bullshit

Re:so what? (0)

Anonymous Coward | about a year and a half ago | (#42193627)

You are missing the point. The equivalent would be for the EU to demand that a US company, holding data on US citizens or businesses, hosted in the US, should hand over that data to the EU, if that company has a subsidiary that does any business in the EU.

Re:so what? (0)

Anonymous Coward | about a year and a half ago | (#42193705)

Oops, comment applies to parent's post.

Reddit (0)

Anonymous Coward | about a year and a half ago | (#42192251)

http://www.reddit.com/r/worldnews/duplicates/14bp4t/patriot_act_can_obtain_data_in_europe_researchers/

We discussed the matter in our company months ago (0)

Anonymous Coward | about a year and a half ago | (#42192579)

Since we are legally screwed if our customer data leaks out of our systems, every company that has to comply to the patriot act can't be considered to host our data.

duh. (0)

Anonymous Coward | about a year and a half ago | (#42192729)

duh. Captain obvious.

I hate what the USA is doing. I don't know how to get the current politicians out. My votes haven't helped the last 25 yrs.

OTOH, we aren't the only place in the world with less than desireable laws.

Two versions of the same theme (0)

Anonymous Coward | about a year and a half ago | (#42193317)

People in US: "The Chinese are infiltrating our networks and stealing our data"
People in Europe "The Americans are infiltrating our networks and stealing our data" ... so we have to conclude that the Chinese are doing it to find out about Europeans?

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>