×

Announcing: Slashdot Deals - Explore geek apps, games, gadgets and more. (what is this?)

Thank you!

We are sorry to see you leave - Beta is different and we value the time you took to try it out. Before you decide to go, please take a look at some value-adds for Beta and learn more about it. Thank you for reading Slashdot, and for making the site better!

French, German Leaders: Keep European Email Off US Servers

timothy posted about 10 months ago | from the at-least-those-countries-don't-spy dept.

Communications 115

jfruh writes "In her weekly podcast, German Chancellor Angela Merkel said she'd be discussing European email security with French President Francois Hollande. Specifically, in the wake of the NSA spying revelations, the two leaders will try to keep European email off of American servers altogether to avoid snooping. This comes as Merkel's government faces criminal complaints for assisting aspects of the NSA's programs."

Sorry! There are no comments related to the filter you selected.

Huh? (0)

Anonymous Coward | about 10 months ago | (#46274921)

So that you don't have to cross the Atlantic with emails and other things, but also can build up communication networks within Europe," Merkel said Saturday.

You mean if one were to send an email from Munich to Paris, it'd cross the Atlantic and come back?

NSA aside, that's a pretty sucky setup.

Re:Huh? (4, Funny)

Rosco P. Coltrane (209368) | about 10 months ago | (#46275013)

You mean if one were to send an email from Munich to Paris, it'd cross the Atlantic and come back?

Depends... Sometimes the German Army brings it directly in person.

Re:Huh? (1)

ILongForDarkness (1134931) | about 10 months ago | (#46275125)

Ja genau.

Re: Huh? (0)

Anonymous Coward | about 10 months ago | (#46275205)

Best comment ever!!!!

Re:Huh? (1)

Devoidoid (1207090) | about 10 months ago | (#46276135)

And my mod points expired yesterday!

Let's be realistic. (5, Insightful)

Arancaytar (966377) | about 10 months ago | (#46275039)

If you're sending an email from anywhere to anywhere, odds are that at least one or both of you are using an email account with one of the big US-based internet companies (Google, Yahoo, Microsoft, etc.). Or you don't even bother with email and use Facebook instead.

So your message is very likely to not only cross the Atlantic, but also get stored and backed up redundantly in several datacenters including servers in the US. This has nothing to do with internet architecture, just market forces and poor consumer options.

Internet routing only begins to matter to email security if your email account is hosted privately or by a local organization - and even then, you're better off securing the email by encryption than trying to compartmentalize a network that was designed from the beginning to ignore physical locations and borders.

Re:Let's be realistic. (1)

Anonymous Coward | about 10 months ago | (#46275341)

Let's be realistic.

I'm pretty sure European governments aren't using Gmail, Yahoo! or Hotmail, which I believe was the real point.

Politicians only have to feign anger for the privacy of the citizens. They know they're doing the same thing. It's when someone is watching the Watchmen that they get real anger over. Which past reports have stated that the German chancellor and French president were angry when they found out THEIR conversations were recorded.

Re:Let's be realistic. (2)

David Gerard (12369) | about 10 months ago | (#46275861)

Quite a few government organisations in the UK use Google Apps.

Re:Let's be realistic. (0)

Anonymous Coward | about 10 months ago | (#46276019)

doesn't matter, UK in fact runs US agenda

Re:Let's be realistic. (2, Funny)

sumdumass (711423) | about 10 months ago | (#46276603)

I don't know about official EU officials but I have it on good authority that royalmomma69@compuserve.net is the queen of england's email addrress.

Re:Let's be realistic. (0)

Anonymous Coward | about 10 months ago | (#46277425)

royalmomma69@compuserve.net

All that's left to do now is drink until the part of the brain that creates mental pictures is dead.
~ Charlie Harper

Re: Let's be realistic. (2, Informative)

Anonymous Coward | about 10 months ago | (#46276657)

This. Why aren't the Europeans moving to push client-side encryption instead of SMIME? If the NSA wants to access email on a foreign server, they can do that, either by breaking in or by asking the friendly local govt (ironically, the Germans and French are known for collaborating) to do it for them. The only thing that makes life harder (not impossible) is good crypto implemented right (no key escrow, etc).

Re:Huh? (2)

bazmail (764941) | about 10 months ago | (#46275049)

Traffic on the Net is routed according to the cheapest route, not the most direct or most efficient.

Re:Huh? (0)

Anonymous Coward | about 10 months ago | (#46275117)

Traffic on the Net is routed according to the cheapest route, not the most direct or most efficient.

And transatlantic cables are the cheapest route?

If that's the case, then why is voice communication more expensive over the cables?

Re:Huh? (3, Insightful)

squiggleslash (241428) | about 10 months ago | (#46275239)

You're looking at it at too low a level. The cheapest route to communicate between two parties is free webmail. Guess which country hosts the largest number of free webmail systems?

Re:Huh? (0)

Anonymous Coward | about 10 months ago | (#46278299)

China! Is it China? I would think so

Yes, and changing that is not an option (4, Interesting)

saibot834 (1061528) | about 10 months ago | (#46275175)

You mean if one were to send an email from Munich to Paris, it'd cross the Atlantic and come back?

NSA aside, that's a pretty sucky setup.

It's how the Internet works. To quote directly from the experts: A target's phone call, e-mail or chat will take the cheapest path, not the physically most direct path. [wikimedia.org]

Physical distance is not as important as congestion on the routes. So it might very well be that your data takes a much longer path that what you'd think, simply because it uses the fastest way, not the shortest.

Angela Merkel's approach is pretty idiotic, and it cannot fix the problems. First of all, most emails are routed through the US either because the sender or the recipient has an American email provider (Germans love Gmail, too). Secondly, even if that is not the case, can you be sure that the NSA doesn't spy on traffic in Frankfurt [wikipedia.org] ? It wouldn't surprise me.

Only true end-to-end encryption can be a solution. The government in Germany is currently pushing for DE-Mail [wikipedia.org] , which relies on transport encryption only. So that means that your email provider can still snoop and so can the German government, which is probably the reason why they designed it like that in the first place. End-to-end encryption would have been possible, especially since the German government is spending much money rolling out their own PKI, with keys for every citizen right on their new national ID card.

There's a presentation [media.ccc.de] about DE-Mail from last December's Chaos Communication Congress, it's worth watching (video also has an audio track with English translations).

Re:Yes, and changing that is not an option (1)

mcgrew (92797) | about 10 months ago | (#46277453)

It works the same way with cars and roads. Often, going five miles out of your way will get you there half an hour faster because the interstate is 70MPH and the shorter route is badly congested and only doing 25.

And the longer route will use less gas.

For you car analogy guys...

Re:Huh? (1)

ArsenneLupin (766289) | about 10 months ago | (#46275203)

You mean if one were to send an email from Munich to Paris, it'd cross the Atlantic and come back?
NSA aside, that's a pretty sucky setup.

Many Europeans have accounts at gmail or hotmail. In this case, the email does indeed cross the Atlantic and back.

O, and "creative" routing, as you outlined, does happen often enough too, unfortunately...

Re:Huh? (1)

zaibazu (976612) | about 10 months ago | (#46275601)

The biggest ISP in Germany (Deutsche Telekom / T-Online) isn't openly peering at the biggest national peering point (DE-CIX) but instead is bullying everyone to directly connect to their own network.

If the other party doesn't want to pay up the packets to T-Online often get routed really strangely, often over the atlantic.

Funny thing is that the Telekom is publicly pushing for packets staying within national borders while they are the worst offenders and tech-illeterate politicians are joining up on that BS, they have been called out by tech media and the Chaos Computer Club but it didn't reach the general public (yet)

Re:Huh? (1)

LordLimecat (1103839) | about 10 months ago | (#46277793)

Depends what provider youre using. Not everyone is well off enough to have global servers.

Re:Huh? (1)

petermgreen (876956) | about 10 months ago | (#46278777)

It seems merkel either doesn't know what she is talking about or is oversimplifiying.

The real answer depends on what you mean by "send an email from munich to paris"

If you mean a user using a mailserver based in munich sends an email to a user using a mailserver based in paris then the mail is unlikely to go anwhere near the US. Europe (unlike some other parts of the world) has a highly functiona internet infrastructure with good in-region peering.

However if you mean a user in munich sends an email to a user in paris then things get messier. Some people use email services run internally by their ISP or employer but a lot use email services run by big american corporations. That makes it relatively easy for the americans to spy on them (even if the email doesn't usually go through the US it's all too easy for the american parent company to interfere with their subsidaries in europe.

You, uh... Know... (4, Informative)

Greyfox (87712) | about 10 months ago | (#46274923)

That won't avoid snooping, right?

You COULD mandate end-to-end encryption if you were really that worried about it. That probably also wouldn't avoid snooping, but it'd make it a bit more difficult. We should probably also move away from using the browser as a mail client. But you're not really worried about snooping, are you? You're just worried about US snooping.

Re:You, uh... Know... (2)

Trepidity (597) | about 10 months ago | (#46274971)

Well yeah, Merkel isn't really worried about the German police reading email. If she were, she could do something about that problem more easily...

However I think in addition to being worried about US snooping, this is also a convenient opportunity for promoting local technology firms. If a bunch of people move from Gmail to European email providers, that's good for the European tech industry regardless of whether it actually hampers spying.

Re:You, uh... Know... (3, Funny)

turgid (580780) | about 10 months ago | (#46275017)

this is also a convenient opportunity for promoting local technology firms

The European Internet brought to you by SAP AG [sap.com] ?

Re:You, uh... Know... (1)

ILongForDarkness (1134931) | about 10 months ago | (#46275145)

That might be more like it. They want to pull a China and encourage their own knockoffs of Google, Amazon, eBay, FacePlant etc.

Re:You, uh... Know... (0)

Anonymous Coward | about 10 months ago | (#46278485)

That's funny that you consider SAP [wikipedia.org] a knockoff tech company.

Re:You, uh... Know... (1)

Jane Q. Public (1010737) | about 10 months ago | (#46278621)

"However I think in addition to being worried about US snooping, this is also a convenient opportunity for promoting local technology firms."

The thing is, though, they could have done this LONG ago. They could have paied to lay their own cables, and paid to develop their own backbone infrastructure. Instead, they decided to go the cheap route and ride the coattails of the U.S.

That's all fine, but bitching about it later makes HER look bad, because it was a choice freely made. These options have always been available. They're just making political hay out of the situation, that's all.

Re:You, uh... Know... (1)

Trepidity (597) | about 10 months ago | (#46278961)

They do actually have the cables and backbone. Despite the weird wording she doesn't seem to be talking about an actual European network, since that already exists: if you ping from Sweden to Italy it goes through Germany, Austria, etc., like you'd expect. The problem is that many of the successful hosted services are in the USA, so while the ping stays within Europe, when you email from Sweden to Italy, it probably hits up Gmail in the USA.

Re:You, uh... Know... (1)

Jane Q. Public (1010737) | about 10 months ago | (#46280947)

"he problem is that many of the successful hosted services are in the USA, so while the ping stays within Europe, when you email from Sweden to Italy, it probably hits up Gmail in the USA."

That's even less of a real issue! Yes, the companies are American. That's because they were started via American ingenuity, work, and investment. They started here, they got big here.

If they want to use other services, then they can damned well build their own. They have even less of a moral leg to stand on in that respect! If they don't want to use American companies, then they can fucking well use German companies. Nobody is stopping them.

Re:You, uh... Know... (1)

Trepidity (597) | about 10 months ago | (#46281229)

If they want to use other services, then they can damned well build their own.

That seems to be kind of what Angela Merkel is proposing? The whole proposal is: Europe should build their own online services and stop using America's.

Re:You, uh... Know... (1)

bickerdyke (670000) | about 10 months ago | (#46275191)

That's not what she wants as that again would cripple german law enforcement.

I've got a cunning plan (0)

Anonymous Coward | about 10 months ago | (#46275257)

You COULD mandate end-to-end encryption if you were really that worried about it. That probably also wouldn't avoid snooping, but it'd make it a bit more difficult.

They could send their emails in germanese

without encryption (0)

Anonymous Coward | about 10 months ago | (#46274927)

it seems like a total fail understanding of the problem. as snowden elaborated in the german interview, moving the data doesnt fix it. its why the notion that snowden had copies of everything on his laptop for everyone to see is is also retarded. cloud or offsite properly encrypted works better than bringing it with you. "if the nsa can collect sms messages in china, it can certainly grab emails in germany".

Lest anyone forget (4, Insightful)

cold fjord (826450) | about 10 months ago | (#46274945)

The German Prism: Berlin Wants to Spy Too [spiegel.de]
French officials can monitor internet users in real time under new law [theguardian.com]

And some of the reports of "NSA spying" were in fact NSA being given phone data from European agencies.

Re:Lest anyone forget (0)

cold fjord (826450) | about 10 months ago | (#46275217)

And while we're on the subject of Merkel | Germany | spying:

Merkel's cellphone said targeted by 5 countries' spy agencies [upi.com]

German Chancellor Angela Merkel's cellphone was tapped by at least five foreign intelligence agencies, not just by the United States, a German magazine said.

Besides the U.S. National Security Agency, Merkel's phone was monitored by the British, Russian, Chinese and North Korean surveillance agencies, weekly news magazine Focus reported, citing an unnamed German security official.

Re:Lest anyone forget (0)

Anonymous Coward | about 10 months ago | (#46275381)

To be fair - the US probably didn't monitor the phone and just got the transcripts from the Brits.
Same with a lot of the NSA European spying - its the Brits passing on the info.
And the NSA spying on Americans? Thats the Brits, Canadians, Australians, etc spying on them and providing the info feeds. All of which is perfectly legal within the legal framework of each spying agency.

If you're transferring your bits over cables then you'll need to ensure that the cables aren't owned by US companies or have a business presence in the USA through which the US government can leverage access to the network.

Re:Lest anyone forget (0)

Anonymous Coward | about 10 months ago | (#46275245)

EU AC here. I'm not worried at all by the national authorities of my country of residence (I've lived in Germany and France among others) being able to spy on my email. Really I don't care, because as far as I know they make good use of the data (no arbitrary arrests, not available to normal police, there is not even a "no flight list" in the EU). But I hate the idea of FOREIGN intelligence (I mean outside EU) doing the same (or EU authorities forwarding the data to their friends across the ocean), because I know they only consider foreign citizens as suspects and only read their content for some nasty purpose like denying entry as a tourist for a twitter post they didn't like (US authorities already did that).

Re:Lest anyone forget (-1, Troll)

cold fjord (826450) | about 10 months ago | (#46275371)

....only read their content for some nasty purpose like denying entry as a tourist for a twitter post they didn't like (US authorities already did that).

The "nasty purpose" is to prevent people from being killed, including Europeans - both in Europe and the US. If you think that similar things don't happen in Europe, you are misinformed.

This happened at Stuttgart: German held at airport after bomb-in-briefs joke [www.cbc.ca]

As to the incident you mention:

Caution on Twitter urged as tourists barred from US [bbc.co.uk]

... holidaymakers need to learn to be ultra-cautious when it comes to talking about forthcoming trips, particularly after 9/11.

"Posting statements in a public forum which could be construed as threatening - in this case saying they are going to "destroy" somewhere - will not be viewed sympathetically by US authorities," it told the BBC.

"In the past we have seen holidaymakers stopped at airport security for 'joking' that they have a bomb in their bag, thoroughly questioned and ending up missing their flights, demonstrating that airport security staff do not have a sense of humour when it comes to potential risk."

Not really terribly different than what happened in Germany.

You should also understand that the US, Canada, EU, Australia, New Zealand, and various other countries all trade intelligence information to varying degrees to try to keep their citizenry safe. The US has helped foil plots in various European countries on many occasions.

NSA helped foil terror plot in Belgium, documents, officials say [cnn.com]

The US has good reason to look towards Europe since there have been many terrorists there plotting against the US. One of the 9/11 attack teams came out of Germany. And European laws in the past have often render various countries almost toothless in dealing with extremism.

The EU is a coalition of nations that makes for convenient travel and trade, but national sovereignty remains. If you are French, Poland is pretty much as foreign as the US is.

Re:Lest anyone forget (1)

Anonymous Coward | about 10 months ago | (#46275709)

The "nasty purpose" is to prevent people from being killed, including Europeans - both in Europe and the US.

And we all know how well this has worked.

It prevented the attacks on 9/11/2001, it prevented the bombing at the Boston Marathon, and it
cures asthma too. Oops, it actually didn't work for any of this. So the argument that lives are being
saved is just a goddamned lie, because FACTS DON'T SUPPORT IT.

In other words, spying on all of us hasn't ACTUALLY worked very well to prevent violence. And the truth is,
the claims made by the government worker who calls himself "ColdFjord" are just plain old fear mongering.
If you buy into this fear mongering BULLSHIT, you are part of the problem yourself.

Re:Lest anyone forget (1, Interesting)

cold fjord (826450) | about 10 months ago | (#46276005)

It would have been hard for measures taken after 9/11 to have prevented 9/11, wouldn't it? I take it that didn't register when you were writing that nonsense?

There are no guarantees. The work of law enforcement and intelligence agencies only make it less likely that a successful attack will occur. But people still keep trying, and get arrested. In fact there have been hundreds of arrests and convictions on both sides of the Atlantic. If you want to ignore facts, that is up to you, but don't expect me to ignore them as well.

I don't think anyone should be fearful, but rather informed, and take sensible precautions against enemies that announce their intent to kill when they can manage to do so in the US and Europe much like they already to in Africa, Asia, and the Middle East.

The bullshit is entirely coming from you, including the claim that I work for the government. Apparently the distance between your ears isn't sufficiently wide to accommodate the idea that of the millions of people that have accounts on Slashdot that at least one of them could have views similar to my own. Those views are shared by no small number of people in the West.

Re:Lest anyone forget (1)

Plumpaquatsch (2701653) | about 10 months ago | (#46278141)

It would have been hard for measures taken after 9/11 to have prevented 9/11, wouldn't it?

Yeah, but the NSA has been spying on us Europeans far before that - ever heard of ECHELON [slashdot.org] ? It's almost conspiracy theory inspiring that the EU tried to get ECHELON stopped in 2001 - and bamm, planes fly into buildings, so we need more surveillance.

Re:Lest anyone forget (1)

KingMotley (944240) | about 10 months ago | (#46276349)

And having a police department and a justice system hasn't prevented crime, so we should abolish it because it didn't work 100% of the time.

Re:Lest anyone forget (0)

Anonymous Coward | about 10 months ago | (#46276067)

The "nasty purpose" is to prevent people from being killed, including Europeans - both in Europe and the US.

Yes, that's probably why the german chancellor's phone is monitored, because she's an evil terrorist that is plotting to kill US citizens... Get real, the only reason to do this is political and economic espionage. I'm not saying this is necessarily wrong, but the "evil terrorists threaten us all" excuse is getting really thin there.

Re:Lest anyone forget (0)

cold fjord (826450) | about 10 months ago | (#46276191)

That is a change of subject. But in addressing that subject, there are many reasons for intelligence operations. If you will note above in this thread where I replied to the first post you will see that there were at least five nations trying to monitor Merkel's phone. At least two of them were European. If you can't think of any reasons for that interest you aren't trying.

Suggesting that there isn't genuine interest in preventing terrorist attacks isn't true. And neither is suggesting that the only reason for intelligence operations is preventing terrorism.

It is the insights by many here on the matter that are thin, and often unserious.

Great! (0)

Anonymous Coward | about 10 months ago | (#46275363)

So now the French and Germans will only have their own governments spying on them and not the yanks too.

Hugh consolation there.

Re:Lest anyone forget (2, Interesting)

Anonymous Coward | about 10 months ago | (#46275463)

Very much this. Hey, I do agree with cold fjord for once!

As disgusting as the whole Snowden revelations about NSA are (and as much as I think the whole NSA/Homeland "Security" thing has gotten out of hand and should be put under strict democratic control), the "secret services" this side of the pond (and their apologists) are (mis)using the whole scandal to further their dirty little agendas.

I won't forget that it was Merkel's party which pushed for horrid data retention laws across the whole of EU. I won't forget that the ruling parties in the UK want pre-emptive DNA collection on "troublesome" school kids.

Re:Lest anyone forget (1)

interkin3tic (1469267) | about 10 months ago | (#46275959)

That's a bit of a tu quoque argument. Yes, they were doing it too. No, that doesn't make the US doing it any better and no, that doesn't mean it would be good for her to drop it.

It's good to keep in mind, lest germany tries to become a tech hub based on the premise that they won't spy like the NSA, but until then, let her help us keep the spotlight on the NSA.

Favorite part (3, Interesting)

TheCarp (96830) | about 10 months ago | (#46274969)

> This comes as Merkel's government faces criminal complaints for assisting aspects of the NSA's programs."
> twitter facebook linkedin Share on Google+

My favorite part of the whole thing is that they are facing criminal complaints for assisting the NSA, all while having also been spied on by the very people they assisted. Hmm a happy satisfied feeling from seeing others get what has been coming to them? I believe the Germans just might have a word for that.

Re:Favorite part (1)

Anonymous Coward | about 10 months ago | (#46275211)

I believe the Germans just might have a word for that.

Zeitgeist?
Poltergeist?
Fahrvergnuegen?
Brutosozialprodukt?
Sauerkraut?

Re:Favorite part (1)

Anonymous Coward | about 10 months ago | (#46275425)

I think GPP is thinking of whatever the German word is for schadenfreude.

Re:Favorite part (0)

Anonymous Coward | about 10 months ago | (#46275467)

Hasselhoffkarriere?

Re:Favorite part (0)

Anonymous Coward | about 10 months ago | (#46276139)

Schadenfreude *IS* the german word.

Re:Favorite part (1)

cmorriss (471077) | about 10 months ago | (#46276937)

INCOMING!!!

>>>joke**** WHOOSH ****joke>>>>

No shit Sherlock.

Re:Favorite part (0)

Anonymous Coward | about 10 months ago | (#46280241)

just, WOW!

Re:Favorite part (0)

Anonymous Coward | about 10 months ago | (#46276477)

kindergarten?

Re:Favorite part (1)

Solandri (704621) | about 10 months ago | (#46278723)

Well duh. This is all a CYA attempt to cast this as something terribad the U.S. did, and they themselves are completely innocent of any wrongdoing. Just like the U.S. Congress and President have mostly successfully cast this as something terribad the NSA did, and they themselves are completely innocent of any wrongdoing. It's not like they funded, got regular reports on, and used the data collected by the NSA program they created and authorized, right?

Re:Favorite part (0)

Anonymous Coward | about 10 months ago | (#46280109)

Hmm a happy satisfied feeling from seeing others get what has been coming to them?

You mean that someone actually started to go after NSA?

Re:Favorite part (1)

maxwell demon (590494) | about 10 months ago | (#46280395)

> This comes as Merkel's government faces criminal complaints for assisting aspects of the NSA's programs."
> twitter facebook linkedin Share on Google+

My favorite part of the whole thing is that they are facing criminal complaints for assisting the NSA, all while having also been spied on by the very people they assisted. Hmm a happy satisfied feeling from seeing others get what has been coming to them? I believe the Germans just might have a word for that.

Negativhandlungsreziprozitätsbeobachtungsfröhlichkeitszufriedenheitsgefühl? ;-)

France and Germany gets snotty at the US (1)

jellomizer (103300) | about 10 months ago | (#46275007)

News at 11.

How will this stop the NSA? (0)

Anonymous Coward | about 10 months ago | (#46275011)

Can't see how this will stop the NSA from snooping on Europeans' emails.

How about UK servers? (0)

Anonymous Coward | about 10 months ago | (#46275041)

Quite often I see that my E-mails had been routed via SMTP servers located in London. A quick review of E-mails that I received in the past show me that E-mails from Acerta (A organization in Leuven that deals with salary and social security administration of employees) to my Postfix server in Switzerland goes from Belgium to London to Netherlands to Zwitserland. The link between London and Netherlands was apparently not even encrypted. Why? And this is servers that voluntarily added "Received" headers. Who knows what's in between. In my opinion any IP traffic should only if *really* necessary go to Five eye members (when the destination is in one of those countries).

Re:How about UK servers? (1)

mars-nl (2777323) | about 10 months ago | (#46280265)

I'm very disappointed to see that SMTP-connections are often not encrypted. It's cheap to do and makes snooping much harder.

Fine with me (0)

p51d007 (656414) | about 10 months ago | (#46275053)

Let the world do their own internet if they want to...no skin off my teeth, the USA invented it in the first place.

Good for her (-1)

Anonymous Coward | about 10 months ago | (#46275069)

How do I move to Germany?

Nice try Euros, but (3, Insightful)

Adult film producer (866485) | about 10 months ago | (#46275119)

you're not gonna stop us from reading or listening to any of your conversations. We're the proud, the strong, and we own all of your communications :)

Re:Nice try Euros, but (0)

Anonymous Coward | about 10 months ago | (#46276513)

the german also have a saying for that:

des lauscher an der wand hört die eigne schand.

Spy sapping mah mailbox (1, Funny)

Anonymous Coward | about 10 months ago | (#46275121)

-- edited by NSA -- I think the US is a wonderfull place to live in full of freedom and democracy. I think all other countries are plotting terrorist attacks and they will fail.

Riseup (0)

Anonymous Coward | about 10 months ago | (#46275367)

Is riseup.net any safe? Its servers are in the US, after all

What safe solutions exist nowadays?

Encryption (0)

Anonymous Coward | about 10 months ago | (#46275477)

What safe solutions exist nowadays?

Data encryption.

Re:Riseup (1)

akeeneye (1788292) | about 10 months ago | (#46277877)

Here's what riseup has to say about the "hosted in the US" issue: https://www.riseup.net/en/rise... [riseup.net]

Because of course... (1, Redundant)

nam37 (517083) | about 10 months ago | (#46275411)

...none of the EU countries monitor communications, right? This is completely an example of misdirection. "Look over there!!! Bad NSA!!! Bad US spy agencies!!"

Third in an investigative series (0)

Impy the Impiuos Imp (442658) | about 10 months ago | (#46275469)

"Chancellor Merkel thought of this plan immediately after she learned the Internet was a series of tubes."

As a Canadian (3, Interesting)

denisbergeron (197036) | about 10 months ago | (#46275471)

It's even a law in Canada to prohibe company with data on canadians people to avoid any storage/transport of these data using any IT infrastrure in the USA.

Re:As a Canadian (3, Interesting)

BlazingATrail (3112385) | about 10 months ago | (#46275519)

Privacy laws in Canada do not prohibit transferring personal data to US. It's a common misconception.

Re:As a Canadian (3, Interesting)

denisbergeron (197036) | about 10 months ago | (#46275839)

The fact is that the privacy law prohibit transferring personnal data outside Canada. Period. And, except from some west reformist, Outside-Canada include the USA.

Re:As a Canadian (4, Interesting)

FireFury03 (653718) | about 10 months ago | (#46275609)

It's even a law in Canada to prohibe company with data on canadians people to avoid any storage/transport of these data using any IT infrastrure in the USA.

The data protection act has restrictions on exporting data... In my experience pretty much everyone is ignoring those restrictions when it comes to migrating to "cloud" services, and that's not going to stop until people start getting hit by big fines.

Re:As a Canadian (1)

denisbergeron (197036) | about 10 months ago | (#46275863)

I think, it's just because proofs are hard to show in these case, until some private info of a canadian will be part of some breach .

Re:As a Canadian (1)

FireFury03 (653718) | about 10 months ago | (#46275971)

I think, it's just because proofs are hard to show in these case, until some private info of a canadian will be part of some breach .

Sorry, I forgot to add "here in the UK" to my previous post. I'm unconvinced that (here) the information commissioner's office even cares, so I'm not expecting any kind of enforcement action soon.

Re:As a Canadian (2)

phorm (591458) | about 10 months ago | (#46277405)

Many places where I have worked strongly avoid using cloud services for company business. In the education industry in particular, they were quite strong on avoiding remote hosting in order to protect student data.
Some places even go so far as to block Google Drive, dropbox, etc entirely.

Re:As a Canadian (1)

FireFury03 (653718) | about 10 months ago | (#46277769)

Many places where I have worked strongly avoid using cloud services for company business. In the education industry in particular, they were quite strong on avoiding remote hosting in order to protect student data.
Some places even go so far as to block Google Drive, dropbox, etc entirely.

I work with the education sector and we're increasingly seeing schools moving to cloud services, such as Exchange Online, and even Dropbox and iCloud. No consideration seems to be being made regarding data protection laws, which are almost certainly being broken by using these services (IMHO there's no realistic way to ensure that personal data isn't placed on these services). Also, there seems to be no consideration for the increased load such services place on the internet uplink - suddenly stuff like email (frequently with potentially large attachments) is being shoved over the uplink rather than only over the LAN.

Re:As a Canadian (1)

phorm (591458) | about 10 months ago | (#46278097)

Which province?

And if all of the servers are in the EU? (1)

jader3rd (2222716) | about 10 months ago | (#46275553)

Given the latency across the Atlantic, I wouldn't be surprised if all of the major US email providers host the mailboxes of their EU customers in the EU. If so, does that go against Merkel's wishes?

Re:And if all of the servers are in the EU? (1)

Alioth (221270) | about 10 months ago | (#46275935)

The latency is only about 150ms. This is simply unnoticable for email, so major US email providers aren't going to have servers in the EU for latency reasons.

Re:And if all of the servers are in the EU? (2)

jader3rd (2222716) | about 10 months ago | (#46276169)

The latency is only about 150ms. This is simply unnoticable for email, so major US email providers aren't going to have servers in the EU for latency reasons.

That would probably be true for classic client server email, but consumers (and by consumers I mean people who don't read Slashdot) expect their email to be a web based client. And for all of the back and forth an interactive web client is going to have with the server, 150ms could be killer.

Re:And if all of the servers are in the EU? (0)

Anonymous Coward | about 10 months ago | (#46277293)

The latency is only about 150ms. This is simply unnoticable for email, so major US email providers aren't going to have servers in the EU for latency reasons.

That would probably be true for classic client server email, but consumers (and by consumers I mean people who don't read Slashdot) expect their email to be a web based client. And for all of the back and forth an interactive web client is going to have with the server, 150ms could be killer.

150ms on a web based app is a problem?

This isn't fucking counterstrike.

Yes, keep them off US servers. (0)

Anonymous Coward | about 10 months ago | (#46275575)

Never mind we are using ours to spy on you..

I think it just hilarious the world leaders want to act as if their hands are clean in this mess.

 

Re:Yes, keep them off US servers. (1)

Opportunist (166417) | about 10 months ago | (#46275953)

I think it's more scary that this is a blatant display of them not having the hint of a clue what they're making decisions about.

The cost of the NSA spying (or being leaked) (2)

dzoey (578558) | about 10 months ago | (#46275879)

It's not just that the French and German government are going to move to doing business with non-US companies for email. There are many reports [citation needed] of governments and companies throughout the world choosing non-US cloud providers who promise not to have servers in the US. This is showing up on companies earnings reports in reduced overseas sales.

At first I thought it was silly - all governments want to be able to get their hands on data stored in their domain, so moving from the US just changes the potential actor. Then I thought "why would you store your secrets in a place you don't control?" If you've got something very, very secret, you don't store it in a bank, you hide it somewhere on your property (and no, I do not have anything very very secret :-) ) so it makes sense for governments to store their data on their own servers. And if they're technically capable, their own government cloud (sadly, not built by the US).

Wait a second (2)

EmperorOfCanada (1332175) | about 10 months ago | (#46275899)

You mean that if google has a gmail server sitting in Germany that it won't be able to access all the content on that server? What?

If some NSA/FBI/CIA goon walks into an google/yahoo/whatever office in the US and hands a secret court order for a US citizen to dig through the German server the guy is going to dig through the German server. If anything a google run German based server is actually more legally friendly to the CIA/NSA as now they can be fairly certain they aren't trolling through US-US communications.

So if the US passed a law tomorrow (that was actually obeyed) that 100% banned any interception of communications of one US citizen with another then setting up European only servers would be something the NSA would want Google to to.

If Europe is truly serious about defending their privacy they would insist upon audited servers stationed in Europe run by natural born European citizens with single nationality and no family or economic ties outside of their legal reach. Then they would need to make a ferociously punitive fine for any employes, management, or companies that violate these privacy rights with a huge portion of the fines going to any whistleblower.

Another suggestion I have is for some European company to buy blackberry and make those phones truly and uncompromisingly secure with features such as one time pads.

Could someone clue her in? (1)

Opportunist (166417) | about 10 months ago | (#46275933)

Someone could maybe tell Merkel that there is no "German internet" and no "American internet"?

Saying that you want to "keep emails in Europe" is like sitting in the swimming pool noticing that some piss in the pool so you decide to put a chain across the middle of the pool and declare that in your side only non-peers may swim while those that pee in the water have to stay on the other side.

Re: Could someone clue her in? (0)

Anonymous Coward | about 10 months ago | (#46277939)

May I suggest you to open and read any networking book (Tannenbaum is a good choice) before giving your opinion on this subject ? You don't know what your talking about.

EU companies may break the law by using US ISPs (2)

cheros (223479) | about 10 months ago | (#46276799)

EU Data Protection laws require a company to protect the privacy of the people it receives email from. Now the fallacy of the Safe Harbor agreement has become clear, using US providers means knowingly placing privacy in jeopardy.

Silicon Valley has a MASSIVE problem on its hands in this context: even if a US company WANTED to protect client information (and let's be honest, lots of them actually do), they are legally not in a position to do so. The biggest problem is that this is a legal issue, and that will take at least a decade to fix...

Re:EU companies may break the law by using US ISPs (2)

Stuntmonkey (557875) | about 10 months ago | (#46278837)

It's a trust issue more than a legal issue. As it turns out American companies were for years under gag orders for certain kinds of government (FISA) data requests. They couldn't even discuss their existence. Under pressure from leaks, now the US government is relaxing [reuters.com] and allowing them to reveal some aggregate data about these previously-secret requests.

The fact that all this "openness" has only come under duress makes one strongly suspect that the spying will only shift into some new program. The legality of FISA is almost beside the point when it comes to the question of who do you trust with your data.

Um, GCHQ? (2)

ThatsNotPudding (1045640) | about 10 months ago | (#46277997)

Given that GCHQ is a loyal lapdog of the NSA, you'll have to exclude ole Britannia Servers as well.

Re:Um, GCHQ? (0)

Anonymous Coward | about 10 months ago | (#46278989)

Given that GCHQ is a loyal lapdog of the NSA, you'll have to exclude ole Britannia Servers as well.

yes I agree.
and that will happen sooner than you think.

Re:Um, GCHQ? (1)

WillAffleckUW (858324) | about 10 months ago | (#46279227)

I wonder if Scotland will join the EU but still send emails thru London?

Will not work (2)

WillAffleckUW (858324) | about 10 months ago | (#46279215)

We already have nodes running inside both countries which tap the main lines.

Illegal? Of course.

Unconstitutional? Only if, as they are designed to do, they capture American emails too.

Stupid? Heck, this is America ... does that answer your question?

Re:Will not work (1)

maxwell demon (590494) | about 10 months ago | (#46280437)

Unconstitutional? Only if, as they are designed to do, they capture American emails too.

If those nodes are in countries other than the US, the question whether they are unconstitutional is decided by the constitution of the country those nodes are in.

Re:Will not work (1)

WillAffleckUW (858324) | about 10 months ago | (#46280639)

Yes, but the US does not recognize other countries constitutions.

For example, we signed legally binding Data Privacy Treaties with Canada and the EU and we still steal your data.

QED.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?