Slashdot Mirror

← Back to Stories (view on slashdot.org)

EU Citizens Warned Not To Use US Cloud Services Over Spying Fears

Posted by timothy on from the oh-don't-you-worry dept.

Diamonddavej writes "Leading privacy expert Caspar Bowden warned European citizens not to use cloud services hosted in the U.S. over spying fears. Bowden, former privacy adviser to Microsoft Europe, explained at a panel discussion hosted at the recent Computers, Privacy and Data Protection conference in Brussels, that a section in the Foreign Intelligence Surveillance Act Amendments Act 2008 (FISAAA) permits U.S. intelligence agencies to access data owned by non-U.S. citizens on cloud storage hosed by U.S. companies, if their activity is deemed to affect U.S. foreign policy. Bowden claimed the Act allows for purely political spying of activists, protesters and political groups. Bowden also pointed out that amendments to the EU's data protection regulation proposal introduce specific loopholes that permit FISAAA surveillance. The president of Estonia, Toomas Hendrik Ilves (at a separate panel discussion) commented, 'If it is a U.S. company it's the FBI's jurisdiction and if you are not a U.S. citizen then they come and look at whatever you have if it is stored on a U.S. company server.' The European Data Protection Supervisor declined to comment but an insider indicated that the authority is looking into the matter."

7 of 138 comments (clear)

  1. Really? by Anonymous Coward · · Score: 5, Insightful

    Got news for him, even if you ARE a US citizen they look at whatever you have stored.

  2. Anyone ever read the constitution? by Midnight_Falcon · · Score: 5, Insightful

    The Bill of Rights is peculiar in that it does not say "no citizen", but it says "no person."

    Can someone explain how nearly 250 years of common law has managed to change the definition of a "person" to include US companies, but not foreign citizens utilizing services within the US?

    1. Re:Anyone ever read the constitution? by s.petry · · Score: 5, Insightful

      Do you want the real answer or some spiffy rhetorical bullshit? Save that, I'll give you the real answer. My apologies in advance too, since I'm guessing you already know what follows and are simply asking the rhetorical question. This is really for those that are still sleeping.

      The real answer is that the people currently sitting in offices don't give a rats ass about their own Constitution. Don't look at what they say, look at what they do! The Patriot act has not been diminished, it's been extended. Hidden clauses in executive orders remove things from view, and public support. Lets not kid each other, that is a symptom of a much larger problem and not the problem.

      Socrates warned that citizens must guard against people in political offices that demand increasing amounts of power. He was the first, but definitely not the last. That quest for power can quickly turn any form of Government into a tyranny.

      Now many will say "doom and gloom nonsense", and those people are simply ignorant. They have no idea how much snooping the NSA currently does on them, nor how much that will expand this summer when the new super computer complex opens (which has been designed for exactly the purpose of snooping and reporting on citizens). They have no idea how much of that data is requested and granted currently (in secrecy) to other government agencies, like the CIA, FBI, TSA, DHS, DOJ, ATF, etc.. Nobody in the public does, because our government refuses to provide any information at all. Even to the point where they refuse to admit it happens. We know it happens based on events and court cases, not because it's admitted.

      This is by the same people in office that will tell you to your face that they want to be open and honest. Does the term "pathological liar" not bother you?

      So if the Government ignores the Constitution and Bill of Rights when dealing with it's own citizens do you really expect them to honor the words with non-citizens? The constitution is the foundation for every other aspect of our Government.

      --

      -The wise argue that there are few absolutes, the fool argues that there are no probabilities.

  3. UK Govt using zendesk?? by lkcl · · Score: 5, Interesting

    a friend of mine made a freedom of information request recently, and was surprised to find that his question was responded to using zendesk. so he looked up the IP address and, on discovering that the IP address was in the U.S., made some pointed enquiries as to why his confidential details, as well as UK Government matters, were being stored in a jurisdiction outside of the sovereignty of the UK.

    the best one though was learning that UK MPs have been issued with ippads. which is great. confidential UK business can be snooped on by not just the U.S. govt but by a U.S. Corporation, and UK MPs can be "advertised at", and sold commercial music and entertainment services that they have absolutely no business letting in to Parliament.

    all good fun, eh?

  4. Is this really news to anyone? by Anonymous Coward · · Score: 5, Insightful

    I mean, everyone outside the US has known since the mid-2000's that the American Gov't has absolutely ZERO compunction about spying on ANYTHING within it's borders.

    Even "secretly" wire-tapping it's own citizens.

    In Canada we have distinct and fairly robust privacy legislation, and I'm constantly warning businesses to avoid storing anything in the cloud that could potentially contain affected info (customer data primarily, but also patient data in doctor's offices and other medical professionals). Simply uploading ANY of that data to the cloud COULD put you in violation of the law since you can no-longer provide ANY ASSURANCE WHATSOEVER that it hasn't been viewed or shared with unauthorized parties.

    Furthermore, I personally just assume, straight-up, that ANYTHING that Facebook, Google, Amazon or Microsoft host is de rigueur scanned, indexed and cataloged.

    This also applies to anything done in Chrome, or Android (vis a vis Google) or if you've installed any of Google's personal-search tools. It just doesn't make sense NOT to assume that the worst thing you can imagine happening in these cases either is-already, or will-eventually-be, happening.

    I single-out Google and it's many tools at the moment because hoarding information about you (and then selling it) IS the basis of their business model. The more information they can harvest about you personally, the more valuable their product is. Therefore, the greater their incentive is/will-be to accrue and store as much information as they possibly can about every single thing you do, place you go, thing you think... If they're not doing it already, the past history of American Corporocratic greed compels me to believe that they will eventually...

    Still, it's hard to believe that any of this would be considered "new" news in 2013.

    -AC

  5. Internet tradition by Okian+Warrior · · Score: 5, Insightful

    The US is driving business away with a weighted stick.

    People hold beliefs about other countries and people for a very long time; in many cases, long after the belief has had any meaning. For example, "the French surrendered", "Germans are Nazis", "Chinese products are crappy", "Japanese cars are like finely-tuned watches", and so on. Think of any nation and it comes with a satchel of beliefs held about its people.

    The US is getting an odius reputation for business and tourism. The overall message we send is: "don't come to the US for anything". Businesses are leaving the US in droves, preferring to operate in more friendly areas.

    When the US is known worldwide as "business unfriendly", it'll be nigh impossible to turn that around even if the situation changes.

    This is what our government is doing for us. It's effect on productivity (and employment) is obvious.

    (As a personal anecdote, I recently registered a .net domain, and the registrar (in France) had me click through a strongly worded message stating that the US could demand all sorts of privileges from the domain. Essentially, they stated that they could not guarantee my privacy or the safety of my data when registering a .net domain.)

  6. Megaupload Case *Already* Poisoned the Cloud by sehlat · · Score: 5, Insightful

    Think about it a moment. The Hollywood ... er ... US Government seized all servers and data on a flimsy warrant and trumped-up charges, including the accusation that Megaupload had retained data on its servers even after takedown notice(s). It has since emerged that the government specifically requested that they leave those files up for "investigation." One guy trusted his business data and property to the service and he's *still* fighting to get it back, despite the fact that it was un-shared and 100% his own legal property.

    Cloud services effectively died that day. Why trust any service when a third party can cut you off at any time from your own property without let or recourse?