Court Ruling Shows The Internet Does Have Borders After All

itwbennett writes: Microsoft's recent victory in court, when it was ruled that the physical location of the company's servers in Ireland were out of reach of the U.S. government, was described on Slashdot as being "perceived as a major victory for privacy." But J. Trevor Hughes, president and CEO of the International Association of Privacy Professionals (IAPP) has a different view of the implications of the ruling that speaks to John Perry Barlow's vision of an independent cyberspace: "By recognizing the jurisdictional boundaries of Ireland, it is possible that the Second Circuit Court created an incentive for other jurisdictions to require data to be held within their national boundaries. We have seen similar laws emerge in Russia -- they fall under a policy trend towards 'data localization' that has many cloud service and global organizations deeply concerned. Which leads to a tough question: what happens if every country tries to assert jurisdictional control over the web? Might we end up with a fractured web, a 'splinternet,' of lessening utility?"

I'll take the bait

[guruevi]

No, we just end up with these large corporations splitting up in entities that are harder to control (and tax). Microsoft will just transfer it's "data assets" to Microsoft Farawayistan just like it does with it's taxes to Microsoft Ireland. We may end up with all of the major data centers in South America, Japan and Eastern Europe and thus a shift of both tech, brains and money to countries that don't put up with idiotic lawmakers.

Re:I'll take the bait

I was with you until the 'idiotic' part.

The idea that cyberspace is space-less, that' it's some vague cloud beyond national laws, has also created lots of (privacy) problems.

I really like my EU protections, and I can see the oposite happening where something like "Our servers are located in the EU" becomes a mark of quality.

Re:I'll take the bait

[Sique]

The Location of data has what to do with its movement around the world?

It always exists in at least one place.

Even that is not a given. Think about a RAID5 spread over several legislations, where each hard drive is in another country. No legislation has control over a complete set of the information in the RAID5, and only if one reads a sector of it, its parts get requested in the different locations and combined to the real data. And only if all but one legislations agree, you are able to get the complete information, as the data from n-1 stripes can reconstruct the original.

Re:I'll take the bait

[SuricouRaven]

My favourite was an old p2p network - I think it was called OFF? It never caught on, but it had a very interesting concept.

Let's say you have a copyright-infringing file - call it Bieber-generic-love-song.mp3. You don't share it directly. When you put it into OFF, the client will see if it has a block of data of matching size or a little larger. If not, it'll create one - full of completely random bits:
Garbage1.bin.
Now, it takes your Bieber-generic-love-song.mp3 and XORs that with Garbage1.bin. That gives you Garbage2.bin... which is also purely random, because it's a result of an XOR with uncorrelated random bits.
Now you have two chunks of data, Garbage1.bin and Garbage2.bin, both of which are utterly random - they can't possibly be infringing upon copyright in any way, because they contain no meaningful information. But the network also has a search function - and if someone were to search for Bieber, your client would answer: "I know of Bieber-generic-love-long.mp3. To get it, use Garbage1.bin and Garbage2.bin, truncate to X bytes."

The searcher than goes and downloads Garbage1.bin and Garbage2.bin - both of which are, on their own, nothing but random bits. And from those, through the magic of mathematics, out pops the latest vapid ode to an unnamed girl from a manufactured pop star.

The overhead is bad - up to 100%.

It never really caught on because of the overhead and because better, though more legally-dangerous, networks also existed. But it shows an interesting approach to using mathematical trickery to subvert the law. Somehow I doubt it would stand up in court - judges tend to frown upon people who find creative ways to avoid infringing the letter of the law while making an obvious mockery of the intent.

The wikipedia page still exists, but the website of the software doesn't.

2006 was a time of great optimism for the pirate community - I was in university at the time. Napster had been shut down, but countless successors were blooming and it really felt like we would bring down 'The Man' and usher in a new age of free access to knowledge and unconstrained international flow of communication. The future felt inevitable. Turns out we were wrong. I wonder if this is what the hippies felt like as they grew older, realised the flaws in their youthful vision and watched their movement fade.

Short answer

[ebonum]

Yes.

Long answer. China is quickly moving in this direction. 20% of the world's population is quickly moving towards being on an internet island. Currently, the great firewall is a black list. There is talk of it becoming a white list. Of course to get on the white list, companies will have to jump through all sorts of hoops. Including agreeing to terms such as recognizing Taiwan as part of China, that China owns the South China Sea, Japan sucks and the Chinese people are superior in every way, etc. Globally, all content from the company will have to follow rules to promote peaceful, happy society. Otherwise, you company doesn't get access to China. The sad part: most companies will agree in a heartbeat.

Re: Short answer

and yet the US government acts as if it has some sort of manifest right to said data wherever it may reside. Well, the data islands may be bad. but I'd sure hate for Herr Erdogan to determine that this post is inflamatory to him and that the US should just compel /. to unmask my anonimity so they can then compel US Marshalls to help facilitate my extradition to Turkey to whatever kangaroo court will soon be set up. Erdogan can just go suck on big Q and shove a big W up his ass.
tl;dr similar laws and policies protect people so why shouldn't data be protected?

Actually, I've seen a vision of how it turns out.

[Narcocide]

Turns out this is the setting of the world in which your character lives in Megaman Battle Network 2 (Nintendo GBA). Its not really the plot, but as a setting for a world it makes some interesting but subtle social commentary. First of all, it just assumes this is the "right way" for the internet to work and that it always has been thus, and doesn't debate it with you. You're along for the ride in a world where:

1) Just connecting to the internet in another country requires a Passport.
2) The internet is not as safe in every country. In fact, they're all incrementally more dangerous than your home country's internet.
3) The space on the internet between country jurisdictional borders is very hostile.
4) Viruses roam freely, attacking anything in their sight. Nobody seems to know why they are there. They just take for granted that they must always have been there or are naturally occurring.

The internet and data

[trailerparkcassanova]

They're two separate things. Data is physical while the net is just a means to access data. Data is property. The data exists regardless of the internet. I don't see what the hullabaloo is about.

Re:The internet and data

[Aighearach]

I don't see what the hullabaloo is about.

Just wave your arms in front of your face while shouting buzzwords. Now, can you see what the hullabaloo is about?!?

As far as fractured... I'm not sure they understand the inter- in internet. If it was continuous, what even needed connecting?

The 90s called and want their cyberspace back

[Kjella]

Remember when tech pundits were talking like the Internet would transcend to become it's own nation that people would emigrate to and live in? Well shit turns out we still live in meatspace with countries and laws. And surprise, surprise so does our data. The cloud is just the new buzzword for the same concept without the people. I suppose companies will try to go jurisdiction shopping, but I doubt they'll succeed. The governments of the world will set requirements for dealing with their citizen's data and you'll either comply or get in legal trouble, like the EU's "right to be forgotten". Yes, it means data on the Chinese might stay in China but it might also mean data on US citizens stay in the US. Would you really like them to swap? Or do you just want to fulfill the NSAs wet dream that all data on everyone in the whole world go through the US? Seriously, for most of us local data is a good thing.

Incentives

[edjs]

"it is possible that the Second Circuit Court created an incentive for other jurisdictions to require data to be held within their national boundaries"

No, the PATRIOT act and related laws regarding the (lack of) privacy for data held in the US did that ages ago.

What's needed is a new architectural layer

[presidenteloco]

which moves (encrypted) fragments of files around the world, ostensibly for performance and reliability reasons.
So it would act like a content delivery network does with whole files.
Except that this layer would be the default assumption for where you put data on the Internet.
Data in the new paradigm has no home physical location. It only has identity, and access rights granted by possession of decryption keys.
For data intended to be fully public, perhaps its metadata would be unencrypted in the layer, for searchability. But that would not imply a particular physical location for the data file payload itself. A search would result only in an identifier, which the layer infrastructure would locate an retrieve from multiple sources.

Data would automatically maintain sufficient worldwide distributed copies of itself, and the system would migrate (and cache) copies of data fragments closer to end-users of the data, based on speculative probabilistic co-access patterns. In other words, data would coalesce toward where it was needed, as an automagic feature of the distributed storage layer.

This kind of distributed encrypted storage layer thing (not owned by any single company of course, but rather both open/libre and partly peer-to-peer) needs to get implemented, and widely adopted so that it is a default assumption of how content on the Internet mostly works, BEFORE it is made substantially illegal by overreaching governments.

That's how to make the Internet remain borderless. Make it a fait accompli that is very hard to subvert technically without blocking nearly every ip address, which, if this is implemented right, could be a partial mirror of fragments of the content.
 

No

[PPH]

The Internet has no borders. Court jurisdictions do however.

Countries might try to mandate local storage for their citizens' data. But that is authoritarian control over their citizens, not so much the Internet. Anyone reasonably motivated can still move their data to overseas services if they are willing to incur the risk.