back to article Proposed US law could deal knockout blow to FBI in overseas cloud privacy ding-dongs

The US Congress, now fully under Republican control, is getting busy with laws to protect data: two bipartisan bills appeared on Thursday that would bring the 1986 Electronic Communications Privacy Act (ECPA) bang up to date in the 21st century. The first piece of proposed legislation [PDF] is the Electronic Communications …

  1. Glen 1

    RE NY judge getting EU data

    Been looking for something like Digital Ocean's $5 a month plan, but based in the EU (ie not just having EU servers). I don't mind if its a bit more expensive, my (performance) needs aren't huge.

    I just don't want any of my (potential) client's data to be available to a judge half the world away, it's a hell of a liability.

    At least not without the proper authority of the local judiciary (for a given value of proper).

    Any suggestions?

    See also: David Carruthers

    1. Anonymous Coward
      Anonymous Coward

      Re: RE NY judge getting EU data

      Can I suggest not using EU servers as offer very little protection (remember Ireland / MS debacle), I'd recommend looking a Swiss host, they have massively superior data protection.

      Have a look at

      https://www.exoscale.ch/

      or

      https://www.safeswisscloud.ch/en

    2. Doctor Syntax Silver badge

      Re: RE NY judge getting EU data

      MyKolab claims to hold all data in Switzerland.

  2. NotArghGeeCee

    OK, what am I missing here???

    I've read the article's precis of the LEADSA (sic) act and it seems utterly sensible...

    ...and yet, Orrin Hatch's name is all over it...

    ...Does Not Compute.

    1. Anonymous Coward
      Anonymous Coward

      Re: OK, what am I missing here???

      There is this slightly odd quote to reassure you that they may still not have fully grasped the point:

      "Law enforcement agencies wishing to access Americans' data in the cloud ought to get a warrant and just like warrants for physical evidence, warrants for content under ECPA shouldn’t authorize seizure of communications that are located in a foreign country," said Coons."

      I think they'll find that the concern beyond the shores of the US of A is more about American courts ordering American companies to grab non-Americans' data. And while they probably don't care too much what foreigners think, their tech company campaign donors do, when it threatens their bottom line.

  3. streaky

    I had no clue..

    .. the fix for this would come from the US and the EU would remain totally silent on the issue of yankee doodle dandy thinking they can eat whatever they like. The hell is wrong with the world when the Republican Party in the US is saving us from this nonsense?

    1. Yet Another Anonymous coward Silver badge

      Re: I had no clue..

      Without this law the EU, and then others, is one step away from declaring it illegal to store any medical, financial or personal data on any cloud service with a US presence or buy consulting services from any company with a US presence.

      That's the sort of thing that makes republicans take notice.

      Don't worry it won't apply to American data, or the NSA.

    2. Anonymous Coward
      Anonymous Coward

      Re: I had no clue..

      Well, we just had an election here and while the Republicans probably got somewhat more money than the Democrats (don't recall for sure), everyone with any sense donates to both sides. Along with the money comes a "list of concerns" that their business has about now. So, it shouldn't be any surprise that those concerns are being turned into Bills in both houses of Congress. Do note, Google broke some records on the contributions side too.

    3. localzuk

      Re: I had no clue..

      The EU hasn't been silent. They are currently engaged in a thorough analysis of the problem, and whether the US SafeHarbor agreement is worth the paper its written on.

      The main issue is that the EU bureaucracy works so incredibly slowly.

  4. Mark 85

    This is nice that our Congress is thinking privacy...

    but since the NSA is still fully funded and the "information exchange" procedures still exist amongst the I's... I'm not sure this will do anything except create some visibility for the FBI only.

    1. Anonymous Coward
      Black Helicopters

      Re: This is nice that our Congress is thinking privacy...

      How much do you want to bet that overtly stomping on this kind of activity will result in the FBI reducing interaction with the judiciary, while increasing their "Hey, we've got a favor to ask" calls to the NSA at Fort Meade.

  5. Alister

    If it passes, President Obama would be unlikely to veto the legislation, since the sponsors include some of his closest partners in Congress.

    Was there an assumption that he would try to veto this legislation then? I don't see that he would, I would have thought he'd be all in favour of it?

    1. Anonymous Coward
      Anonymous Coward

      I believe this is more of a process point. Because he could veto it it's worthwhile to note that it's unlikely.

      The cynic in almost everyone thinks that the NSA, the only stakeholder whose concerns could possibly slow this bill with this backing, will have been privately assured that they can continue to do whatever they want as long as they get better at hiding it.

    2. Yet Another Anonymous coward Silver badge

      >Was there an assumption that he would try to veto this legislation then?

      He is a democrat president with no power other than the ability to veto bills from the republican congress (and declare war). The republican congress has no power other than to vote down bills from the democrat president.

      It's a system that protects America from their government.

      1. Pascal Monett Silver badge

        Re: "It's a system that protects America from their government"

        Really ?

        Doesn't seem to be working very well right now, does it ?

  6. Bob Wheeler

    Common Sence?

    At first glance these two bill's do seem to be going in the right direction, even if it is 29 years in the making in regard to protecting e-mail access.

    I guess it will depend on what changes are made beforehand, and then if/when they actually get into law.

  7. Anonymous Coward
    Anonymous Coward

    For the clueless...

    ...the Feds have no interest in reading your e-mail nor the time to do so, unless you are a perp or terrorist. Nothing is going to change other than more crims will be caught.

    1. Tom 38

      Re: For the clueless...

      Yes, The House That J. Edgar Built would never think of investigating people's personal lives for no reason.

      1. Anonymous Coward
        Anonymous Coward

        Re: For the clueless...

        No, the House that J. Edgar built investigates you because you believe in radical things, like peaceful civil rights advocacy or that getting militarily involved in Vietnam or Iraq might not be such a great idea.

    2. Doctor Syntax Silver badge

      Re: For the clueless...

      Or maybe a business doing business with a US company? Or competing with one? Or...?

  8. Mike 16

    As Perry Mason would say

    "Objection! Assumes facts not in evidence".

    Specifically the assumption that US LEAs give a shit about obeying the law themselves.

    Or should I go with the New Orleans madam in regard to outlawing prostitution:

    "They can make it illegal, but they'll never make it unpopular".

  9. Anonymous Coward
    Anonymous Coward

    A step in the right direction

    It's about time some of the REAL issues surrounding data privacy were finally addressed by Congress.

    As things stand now, US companies haven't got much hope of storing foreign data on their US cloud services (even when the servers are in another country) until there are clear and unambiguous rules regarding investigations, seizure and discovery. We used to have them in the forms of treaties, international arrest warrants and other agreements, but somehow the WoT and high tech turned all of that into ineffectual mush.

    Right now, online mom and pop stores, corps with serious IP, banks, and knaves of various shapes and sizes (including governments) have very good reason to be leary of storing their data in places where it can be pillaged and raped on the whim of some G-Man.

    Let's hope this catches on.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like