Slashdot Mirror

← Back to Stories (view on slashdot.org)

Can Switzerland Become a Safe Haven For the World's Data? (dailydot.com)

Posted by msmash on from the seems-like-a-good-idea dept.

An anonymous reader shares an interesting article on Daily Dot which lists a number of reasons why Switzerland should be deemed as the nation for storing all of your data. The article reads: As United States and European Union regulators debate a sweeping new data-privacy agreement, Switzerland is presenting itself as a viable neutral location for storing the world's data thanks to strict privacy laws and ideal infrastructure. The Swiss constitution guarantees data privacy under Article 13. The country's laws protecting privacy are similar to those enacted by the E.U. Swiss data protections are also, in some cases, much stricter than those of the E.U., according to Nicola Benz, attorney at Swiss law firm Froriep. And since Switzerland is not part of the E.U., data stored there remains outside the reach of the union's authorities. [...] The country's tight privacy laws could make the small nation more attractive to privacy-focused start-ups. And it already has that momentum. After the former NSA contractor Edward Snowden 2013 revelations about the National Security Agency's secret surveillance activities, Switzerland witnessed something of a boom in its data-center business. Phil Zimmermann, creator of the popular PGP encryption protocol and founder of Silent Circle, even left the U.S. for Switzerland last year, citing the overreach of American authorities. Andy Yen, CEO of Swiss-based encrypted email service Protonmail, said that the country has robust processes in how it carries out data requests from authorities. Data requests have to go through a court like in most countries, said Yen, but "the person that's having their data requested needs to be notified eventually about the request happening and there's an opportunity to fight it in an open court. This is quite different than the U.S., where things can go through a so-called FISA court."

52 of 103 comments (clear)

  1. Yes, that's why the Nazi's hid their wealth there by jfdavis668 · · Score: 3, Informative

    Everyone has been hiding money and information there for years. Everyone from the Nazi's to the Russians to FIFA.

  2. Like the Jewish assets during WW2? by guruevi · · Score: 4, Interesting

    The Swiss didn't seem to have any issue turning over Jewish gold and bank accounts during their Nazi alliance. How sure can we be a "friendly state" doesn't secretly get the data anyway? The Swiss bankers didn't get rich by simply holding assets, they go with whatever the highest bidder wants.

    Good encryption is the only way to keep your data safe, in Switzerland or elsewhere.

    --
    Custom electronics and digital signage for your business: www.evcircuits.com
    1. Re:Like the Jewish assets during WW2? by Hentes · · Score: 1

      What if good encryption is outlawed in places other than Switzerland? I wish I was being paranoid.

    2. Re: Like the Jewish assets during WW2? by Anonymous Coward · · Score: 5, Informative

      There was no nazi alliance. Hitler hated Switzerland and took it as a personal offense that they wouldn't join the German-speaking alliance with Austria. Switzerland fully expected to be attacked by the Germany and developed a defense plan where the military and some of the population would retreat to the mountains (the redoubt) where they would provide arms to the rebels in the cities while also attacking in raids.

      Both times the Germans realized it would be pointless to invade - even if they took the cities on the plains they would never take the mountains, and the Swiss population, highly armed, would constantly be attacking them.

      And for the Swiss banks, they provided a much-needed service to the Jews in Germany to move their money out of Germany. If you're American you may think about the same, living in a corrupt country like you do. Unfortunately the Nazis killed most of the Swiss customers and they're still dealing with repatriating the money. Of course they can't just give it to anyone that claims it.

    3. Re:Like the Jewish assets during WW2? by jimbolauski · · Score: 1

      It won't matter if good encryption is outlawed everywhere but Switzerland, you won't be able to send or receive your encrypted data without it being at risk or break the law.

      --
      Knowledge = Power
      P= W/t
      t=Money
      Money = Work/Knowledge so the less you know the more you make
    4. Re: Like the Jewish assets during WW2? by Tokolosh · · Score: 1

      Finally, some intelligent info.

      --
      Prove anything by multiplying Huge Number times Tiny Number
    5. Re: Like the Jewish assets during WW2? by guruevi · · Score: 3, Informative

      Please look up recent investigations in portions of that history. The Swiss banks (not talking about the populace) were not quite the saints they portray themselves to be (http://www.pbs.org/wgbh/pages/frontline/shows/nazis/readings/sinister.html)

      --
      Custom electronics and digital signage for your business: www.evcircuits.com
    6. Re:Like the Jewish assets during WW2? by athmanb · · Score: 2

      Swiss misbehaviour regarding Jews during WW2 consisted of:
      - Accepting confiscated jewish assets (art, jewelry) in payment for goods even when the government had been informed that "legal" proceedings leading to those forfeitures didn't even have a semblance of fairness.
      - Liquidating jewish bank accounts whose owners did not contact the bank anymore after the war without taking even very reasonable measures of trying to reach any heirs.

      There are some common other urban legends going around like the Swiss handing over assets to the Nazis, Jews being transported through Switzerland, Switzerland accepting gold tooth fillings etc that are all fantasy.

    7. Re:Like the Jewish assets during WW2? by Anonymous Coward · · Score: 1

      "Didn't seem to have any issue" - that might have applied to a bunch of Nazi-leaning bankers, I guess? But the swiss government and a lot of other people -including bankers- clearly saw a lot of issues even prior to the war. For example, seeing the Nazis suppressing their political enemies was why banking secrecy laws was passed in 1934, prior to the war.

      Now, ultimately, adherence to banking secrecy was not good during WW2. Switzerland made concessions to the Nazis, and people suffered for it. But you should have a look at the European map during WW2 - especially after Austria was annexed and France fell. Even if you disregard the stupidly huge military disadvantage: Economically, Switzerland is not even big enough to have sufficient access to the resources a modern nation needs to build and maintain its machines and structures and continue preparations for war. It really needed to trade. There really wasn't actually any realistic choice but to make quite a lot of diplomatic concessions.

      I actually feel that given the circumstances, Switzerland pushed it's luck with the Axis *extremely* often (you should read up on what Switzerland *didn't* do for the Nazis, and what it did against the Nazis, too!), and it was also very lucky to get away with it.

      Well, skip forward to today, and the discrepancy in power is again the same. Even if the EU is a much friendlier entity, it is again overwhelmingly more powerful. Switzerland isn't any more self-sufficient either. Assuming the EU really heavily pressured Switzerland, I think we couldn't resist. Don't trust our privacy laws to that extent!

  3. Re:Yes, that's why the Nazi's hid their wealth the by judoguy · · Score: 4, Informative
    I'm sure your data will be really safe there. Not.

    The Swiss dropped their pants a while back for the U.S. I.R.S. I'm pretty sure the NSA can use that precedent.

    --
    Peace is easy to achieve, just surrender. Liberty is much harder get/keep.
  4. Re:Guarantees? Banking secrecy, anyone? by JcMorin · · Score: 1

    there is no guarantee. Even if they say so (they can lie), even if they pass a low (then can remove or change the law later).

  5. Shades of Gibson's future... by killfixx · · Score: 1

    Neuromancer for the win; we now just need an orbiting, privately funded space station.

    --
    "Helping to keep you two steps ahead of the Thought Police!"
  6. Re:but of course. by Anonymous Coward · · Score: 2, Informative

    You do realize Sweden and Switzerland are two different countries.

  7. Re:but of course. by jfdavis668 · · Score: 1

    I blame the Swedish Chef for all of that.

  8. Re:but of course. by Impy+the+Impiuos+Imp · · Score: 1

    He was high on Swedish cheese.

    --
    (-1: Post disagrees with my already-settled worldview) is not a valid mod option.
  9. The Swiss do have a FISA-like court by Anonymous Coward · · Score: 1

    The Swiss do have a FISA-like court and a robust intelligence capability. But, unlike the U.S. FISA court, which is spelled out in open legislation, the Swiss do not make public their system. In other words, it's worse, because the intelligence agencies have broader and less-scrutinized authorities, but only less advertised. If a foreigner hosts data on a Swiss system and Swiss intelligence wants access to it, then they have means of targeting that system, and are not accountable to their courts for those methods.

  10. Swiss Bank Accounts by b1ng0 · · Score: 1

    I'm not so sure. The Swiss also had strong protections and privacy laws regarding bank accounts but look what happened to those when the IRS wanted the data on US citizens.

  11. Re:Yes, that's why the Nazi's hid their wealth the by rubycodez · · Score: 3, Informative

    "Under the new treaty, U.S. authorities will be able to ask the Swiss to disclose names of U.S. taxpayers at a bank who exhibit certain "behavioral patterns" indicating tax evasion under U.S. law, such as trying to conceal the ownership of the account through a trust. The U.S. also will be able to request information even from small cantonal banks that, unlike UBS and Credit Suisse Group, don't do business in the U.S." WSJ 05 March 2012

  12. Don't forget the Cayman Islands... by __aaclcg7560 · · Score: 1

    I'm still waiting for Mitt Romney to explain how his IRA account can have $100M in it when legal contribution limits is ~$200,000 over 40 years.

    1. Re:Don't forget the Cayman Islands... by xxxJonBoyxxx · · Score: 1

      >> I'm still waiting for Mitt Romney to explain how his IRA account can have $100M in it when legal contribution limits is ~$200,000 over 40 years.

      Seriously? If it's really affecting your mental health, please read this article:
      http://www.bloombergview.com/articles/2012-07-15/the-secret-behind-romney-s-magical-ira
      (TLDR: you can inflate your IRA by moving low-valued assets into it to get under the limits; Romney was essentially accused of undervaluing the assets he moved into his IRA)

      You should also Google "SEP IRA limits" - that's the plan that small business owners use to contribute (and deduct) up to about $50K year. If your spouse is an owner too (or at least part of the SEP plan), that goes to up to $100K per year, I think.

    2. Re:Don't forget the Cayman Islands... by __aaclcg7560 · · Score: 3, Informative

      If it's really affecting your mental health, please read this article:

      Mitt Romney had an obligation as a presidential candidate to explain why he had an unusually large retirement account and release his tax returns. He didn't, danced around the issue and played the victim when the media ran stories.

      You should also Google "SEP IRA limits" - that's the plan that small business owners use to contribute (and deduct) up to about $50K year.

      Most business owners don't set up SEP IRAs in the Cayman Islands. Unless, of course, they have something to hide from the IRS or the general public.

    3. Re:Don't forget the Cayman Islands... by phantomfive · · Score: 1

      Maybe we should.

      --
      "First they came for the slanderers and i said nothing."
  13. Arguments about gold and rules missing the point by Anonymous Coward · · Score: 1

    I'm sure the Swizz will create an awesome bunch of rules explaining in precise detail how they will promise to maintain your data private.

    Execution, however, is a different matter as it is not the swiss who have built our operating systems and neither is it likely they could even do it in a secure way.

    So it's a non-starter.

  14. Re:Yes, that's why the Nazi's hid their wealth the by jfdavis668 · · Score: 1

    Your right!

  15. Absolutely by ThatsNotPudding · · Score: 1

    All it takes is an unwavering belief that the organs of state security do not see themselves as clear-thinking Defenders of the Faith, and have not placed themselves and their actions above the orders and rules of mere elected officials.

  16. Re:but of course. by PopeRatzo · · Score: 3, Funny

    You do realize Sweden and Switzerland are two different countries.

    Seriously? Are you sure? That's the place where they wear wooden shoes, right?

    --
    You are welcome on my lawn.
  17. No. by Anonymous Coward · · Score: 1

    Next question?

  18. Store data on the cloud like RAID by Solandri · · Score: 4, Interesting

    So for example if you have data servers in 8 countries, you encrypt and break your data up into 5 chunks. Create 3 additional parity chunks, and store one chunk in each country. To access the original data, you need to pull data from 5 of the 8 servers (the 3 parity chunks allow you to access your data even if access to your servers in up to 3 of those countries goes down).

    Any individual country's government can hack, install backdoors on, or confiscate your servers in that country, and it won't help them read your data. In order to get a readable copy of your data, they need to pull the data from at least 5 of your servers in different countries, and have your decryption key. There's no need to pick a single country and hope that it is/remains neutral and friendly to your data.

    1. Re: Store data on the cloud like RAID by Anonymous Coward · · Score: 1

      They don't need to confiscate your data. They only have to confiscate YOU. Then you either surrender the keys or go to prison. After 25 years they ask you again. Encryption is useless. Technology cannot prevail against the State once the gloves come off.

  19. ProtonMail by GbrDead · · Score: 4, Informative

    Actually, ProtonMail sucks a lot. It's "security" is based on two passwords: one for login, one for decrypting the mailbox.
    1. Both of the passwords were sent to their server upon registration. I have no guarantees that they were not stored in clear text.
    2. I have no guarantees that the mailbox is even encrypted.
    3. Even if the mailbox is encrypted and they haven't stored its password, a totalitarian government may force them to install a man-in-the-middle and have my messages the moment I access them (i.e. send the password).
    4. No PKI. No interoperability with PGP/MIME or S/MIME. Totally proprietary. If I send an e-mail message to a non-ProtonMail address I must somehow communicate a password for it as well. How? Not ProtonMail's problem.

    In short, ProtonMail provides something that is not an end-to-end e-mail encryption and thus not useful at all. You can do much better by using even GMail (via SMTP and IMAP/POP3) with ThunderBird and Enigmail (a PGP/MIME extension). Google will only ever see the encrypted messages. Only using a desktop client guarantees that your private key will never be sent to a man-in-the-middle (e.g. GMail, ProtonMail).

  20. Re: Yes, that's why the Nazi's hid their wealth th by Type44Q · · Score: 1

    The Swiss dropped their pants a while back for the U.S. I.R.S.

    Not to mention them buzzing the Russian Speaker's jet last fall; their "neutrality" is likely anything but.

  21. The trend has been going in this direction for yea by comrade1 · · Score: 1

    Maybe not Switzerland, but the trend since the Snowden revelations has been to move data back to Europe from the US. European companies have been dropping hosting and networking companies In the America and it's estimated Cisco has lost around 30 billion in sales. Who knows how much hosting companies like Amazon have lost. So, European companies and subsidiaries are moving their data back to their home countries. There hasn't been a Snowden-level event yet in the countries to force the companies to think about moving their data to Switzerland. I work with multinationals in Europe and I've seen first-hand companies moving their hosting back to Europe but I haven't seen companies moving to Europe yet, other than Swiss companies.

  22. Re: but of course. by Type44Q · · Score: 1

    Yep, i believe that's where they speak three languages; um... I think French, German and this...

  23. Re:Guarantees? Banking secrecy, anyone? by johanw · · Score: 1

    Well, those banks usually also had a presence in the US so they could use that to pressure them. Anyone with more than 2 brain cells won't put a legal presence of such a data-protecting company in the US or EU.

  24. Re:Me too by johanw · · Score: 2

    So you're saying they are very vulnerable to a social engineering attack?

  25. Just to be safe... by 14erCleaner · · Score: 1

    I keep my odd-numbered bits in Switzerland, and the even-numbered ones in the Cayman Islands. Can't be too careful these days.

    --
    Have you read my blog lately?
  26. Re:The trend has been going in this direction for by 110010001000 · · Score: 1

    You must be kidding. AWS and Azure revenue is going through the roof. Ciscos revenue is at an all time high.

  27. Re:but of course. by Anonymous Coward · · Score: 1

    > Zimbabwe starts with an S? Put down the Swiss cheese bong, man...

    Yes, as long as Sweden and Switzerland are the same, Zimbabwe is written with an 'S' ;-)

  28. Re:Yes, that's why the Nazi's hid their wealth the by Threni · · Score: 1

    Heh, yeah I loved the irony of that one too!

  29. The Same Problem by JimSadler · · Score: 1

    Switzerland has enabled crime for many decades with the supposed privacy laws. The stash of Nazi wealth in Switzerland and a refusal to help return property stolen from the Jews leaps to mind as well as enabling tax evasion for US citizens. So just how can we have privacy and still prevent financial crimes as well as terrorist activities? Perhaps a partial solution would be to allow businesses far less privacy than we allow the public.

  30. Re:Yes, that's why the Nazi's hid their wealth the by rubycodez · · Score: 1

    I'm sure we'll have a new treaty where the swiss will report any internet user exhibiting certain behavioral patterns on swiss servers to the USA. Funny how most of the governments of earth lube up their bungholes and bend and spread it for the U.S. of A-holes.

  31. Re:Guarantees? Banking secrecy, anyone? by skegg · · Score: 2

    To be fair, a lot of constitutions across a lot of countries "guarantee" their citizens many things.
    The problem is that the government-of-the-day chooses to interpret the constitution however it wishes.
    And it's our fault for not holding them accountable.

  32. Iceland would be better by seoras · · Score: 2

    I was asked by the ex-CEO of Mega (not Dotcom) for suggestions for non-hostile data centres about a 18 month ago.
    We'd met casually and he was talking about the risks of raids, neutrality etc and was soliciting ideas.
    I suggested Iceland for a number of good reasons.
    1) Geo-physical location. Right in the middle of the atlantic at the mid-point between Europe and N.America. Good latency to either continent.
    2) Political neutrality. Iceland jails bankers and politicians. Not whistle blowers and has been a Wikileaks save haven.
    3) Abundance, even surplus, of renewable energy. Cooling isn't a problem either :)

  33. Re:Why not? by nnet · · Score: 1

    Because...bacon.

  34. Re:Yes, that's why the Nazi's hid their wealth the by gweihir · · Score: 1

    You are confusing swiss banks with "the swiss". These days, swiss banks are international corporations.

    --
    Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
  35. Re:Guarantees? Banking secrecy, anyone? by gweihir · · Score: 1

    You are confusing storing money in bank account that us managed by a bank and storing data in a data-center most decidedly not managed by a bank. Here is a hint: The bank operates internationally and hence is subject to pressure in the US, for example.

    --
    Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
  36. Re:Me too by gweihir · · Score: 1

    Depends on what you have arranged with them for this situation.

    --
    Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
  37. Re:but of course. by houghi · · Score: 1

    It's not a country. It's a provice: Zeeland. That is right next to Australia, so Australia is next to that country. Yep, checks out.

    (My head hurts)

    --
    Don't fight for your country, if your country does not fight for you.
  38. Re:but of course. by dave420 · · Score: 1

    Oh John, you sure screwed up that one. Your stunning geographical confusion casts doubt on your ability to accurately judge the situation.

  39. Stormy clouds by Anonymous Coward · · Score: 1

    This idea is similar to "Stormy Clouds", with the addition that on an information-theoretical basis, maximal distance separation codes can provide more entropy that traditional symmetric encryption: [paper] [presentation]

  40. Re: Guarantees? Banking secrecy, anyone? by gweihir · · Score: 1

    Most data-center operators in Switzerland do _not_ operate internationally.

    --
    Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
  41. Mars by NewYork · · Score: 1

    I think Mars is better

    --
    Casteism