Techies in Europe – who obviously have a vested interest in unsettling Microsoft stronghold on the market as AWS, Microsoft, and Google have upwards of a 70 percent share of the public cloud sector in the region – previously highlighted the potential dangers of US legislation.
I’ve mentioned this before as a criticism for Canadian boycotts of the US. Every large Canadian website, even Government and News use US cloud services. Every. One.
Frank Karlitschek, CEO of Nextcloud, told us in March, “The Cloud Act grants US authorities access to cloud data hosted by US companies. It does not matter if that data is located in the US, Europe, or anywhere else.”
How was this allowed to happen? The minute that law was passed all sites that use them should have discontinued their contracts. JFC.
I think a company in Europe doesn’t give a shit that the US government can peek at their data. Their users might care but they certainly don’t.
What’s new is that they no longer trust the stability of the services long term. What if trump slaps a tariff, or asks Amazon to shut down access, or whatever bullshit passes through his head daily? You wouldn’t store your business on Russian servers, and they’re starting to realize the same applies to the US.
They have to give s shit, because they are ultimately responsible for the handling (and abuse, if it comes to that) of the data, and as European companies they are in easy reach of the European law.
Nah, as long as the actual servers are hosted in Europe, you’re compliant with GDPR and European law. The European company is not liable if the US government violates the EU-US framework.
The Processor is not, but the Controller is still required to guarantee appropriate security for personal data.
Appropriate means running a risk assessment and deciding accordingly.
The problem is when in the EU we take as security responsible for healthcare people who handled IAM for Jira tops.
European data on European servers is fine, as long as American agencies can’t just access data on those (which one cannot rule out with American companies).
It never was, and all the laws that were installed to make this appear legal were nothing but meaningless fig leaves.
I’ve mentioned this before as a criticism for Canadian boycotts of the US. Every large Canadian website, even Government and News use US cloud services. Every. One.
How was this allowed to happen? The minute that law was passed all sites that use them should have discontinued their contracts. JFC.
I think a company in Europe doesn’t give a shit that the US government can peek at their data. Their users might care but they certainly don’t.
What’s new is that they no longer trust the stability of the services long term. What if trump slaps a tariff, or asks Amazon to shut down access, or whatever bullshit passes through his head daily? You wouldn’t store your business on Russian servers, and they’re starting to realize the same applies to the US.
They have to give s shit, because they are ultimately responsible for the handling (and abuse, if it comes to that) of the data, and as European companies they are in easy reach of the European law.
Nah, as long as the actual servers are hosted in Europe, you’re compliant with GDPR and European law. The European company is not liable if the US government violates the EU-US framework.
The Processor is not, but the Controller is still required to guarantee appropriate security for personal data. Appropriate means running a risk assessment and deciding accordingly.
The problem is when in the EU we take as security responsible for healthcare people who handled IAM for Jira tops.
European data on European servers is fine, as long as American agencies can’t just access data on those (which one cannot rule out with American companies).
It’s like people still don’t know about Schrems II or the Cloud Act.
Or they somehow seriously think that the EU-US Data Privacy Framework resolves the issues that killed the EU–US Privacy Shield?