Ex-Microsoftie in worthless Euro netizens data security promise An ex-Microsoftie has launched a new cloudy startup that promises to keep the data of Europeans "safe" by storing it only within the EU. But that pledge is utterly worthless, given that – for example – NSA chums are still likely to come calling for access to that data from their security counterparts in the 28-member-state …
"Strictly speaking true for a given value of 'foreign'."
Indeed. ...and spoken by a pair of Yanks who've based themselves in the UK and Czech Republic, it's probably safe to assume those values of "foreign" include Uruguay, Paraguay, Angola, Cuba, Tuvalu, Mongolia... and probably several others.
I think the Reg title is a little harsh, no? It's the USA's Patriot Act (what a name) that's the problem. A USA owned firm can't avoid giving up your data and has to do so secretly. At least in the EU you will be served a warrant. Probably.
I see Zettabox are registered in the UK which seems silly when compared to registering in Germany and taking advantage of their strong privacy laws. At the moment we are busy passing legislative changes that allow all the naughtiness that GCHQ have been getting up to.
It's good to see these companies popping up. Moving business out of the USA is one way of making their government think twice (okay, think once).
I think the Reg title is a little harsh, no? It's the USA's Patriot Act (what a name) that's the problem. A USA owned firm can't avoid giving up your data and has to do so secretly. At least in the EU you will be served a warrant. Probably.
The title is fairly accurate, but more than even the author thinks. It's not just the USA Patriot Act that is the problem, and it's not just the NSA either. To fix this takes more than some US bloke setting up shop in Europe and making loud noises like "nah nah nah nah - you can't get data here" because if it was that easy we'd also have all the criminals do that same (I know it's unpopular to state the obvious, but let's keep in mind that bad people do exist too), but to be fair, that's about the only thing they can publicly sell.
It needs to be done right, and that takes a heck of a lot more skills than especially someone from Microsoft would have access to, not in the least because a US passport already shows the potential for leverage before the company has even opened its doors.
It can be done, but it's not as easy as just wandering into a country and renting some servers.
With Zettabox your content is safe from cybercriminals and foreign government intervention.
The only way for that to be really true is if it uses full end-to-end encryption; where only the user/customer has the keys to decrypt the data. And if you use full end-to-end encryption, then it doesn't really matter where the data is stored, because getting access to the encrypted blob doesn't get you anywhere without the keys.
From what I've read about Zettabox, I very much doubt they use full end-to-end encryption.
Why use a service like this, or any cloud service even for email. If they want our data let them come knocking, and do oldschool legwork... We can keep most of our data locally and air-gapped and cloned to a secondary location like a family home for crucial backups. Most of us have been doing this all our lives anyway (pre-cloud).
This is all obvious stuff, but its important to remember that even at a micro or nano-level we can push back against the tide. If more people resist cloud services for storing personal or confidential data, cloud operators will take a hit to their bottom line eventually. Their lobbyists will be forced to go after key members of government that we can never lobby (i.e. proposed data privacy changes in TTIP etc).
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
