Re: Technological solution
But there is the option of encrypting a customer's data with their own key(s) in such a way that the cloud service never has access to said keys. In that sense it matters not one hoot as to where your data is because its always under your lock & key.
Not so fast, Paul, you just mentioned the word "legal". The premise "asking us fort cleartext data is pointless because we don't have a key" has as yet not been proven in court - there is no case law to back up that that is indeed an answer that absolves the provider from a failure to supply data under warrant. The way I see US legislation going (badly for privacy) it is well possible that at some point a company will be alleged to obstruct justice by doing this at which point the Backdoor Boys™ finally have what they want via a different route (because that idea won't die either, as idiotic as it is).
From where I sit I see no sign that the US government is realising it has drilled a rather large hole below the waterline for all Silicon Valley service providers, and they had about 15 years to discover that (because the flaws in Safe Harbor were not exactly hard to spot - it's not the EU's fault that they chose to ignore them). I know most of Silicon Valley that could afford a lawyer was definitely aware because I have entertained myself for years asking their CEOs those questions on shows and watch them squirm and undo their glossy presentations (yes, I don't get invited much now, but they can't keep out a paying customer and it's worth it for the entertainment alone :) ). I also kept running into lobbyists in EU Parliament surroundings and forums, so the collective wailing about the demise of Safe Harbor was rather fake, they knew damn well they were making profits on legally very shaky grounds. The only reason Safe Harbor even came into being was to prevent US trade restrictions, but Snowden provided enough political power to the EU to ruin that particular game of blackmail for the US, at least this time round (what they negotiate in secret is for another time).
However, on the plus side (for them, not us), now it has become clear that one private bank founder by the name of Tony Blair has quietly allowed a sort of NSA mirror to be established without any shred of democratic process, maybe US providers can now claim to be at least UK compatible?
Biting the hand that feeds IT
