PATRIOT Act Continues To Harm US Businesses: BAE Refuses To Use MS Cloud Over PATRIOT Act Fears
from the how-is-that-helping dept
Following on recent reports that, under the PATRIOT Act, European companies that use Microsoft’s cloud offerings in Europe might find their data subject to US government snooping and seizure, it appears that some rather large European companies are rethinking their cloud deployment plans. UK defense contracting giant BAE had apparently planned to start using Microsoft Office 365, until it was pointed out that this could make their documents subject to US snooping under the PATRIOT Act… and the company changed its plans. At what point do PATRIOT Act supporters realize that such broad provisions don’t help the US at all, but only lead to situations like this, where business is driven elsewhere.
Filed Under: cloud, europe, patriot act, privacy, us
Companies: bae, microsoft
Comments on “PATRIOT Act Continues To Harm US Businesses: BAE Refuses To Use MS Cloud Over PATRIOT Act Fears”
Is this the same BAE that is being sued for being a dick to MoH reciepient Dakota Meyer?
Re: Re:
Yes.
Re: Re:
The simple answer is yes. The more complex answer is that his supervisor at BAE was a jerk. BAE should have distanced themselves from Bobby McCreight and reprimanded him for the things he said about Sgt Meyer.
The US deliberately destroying their own economy...
MS offered live@edu (Office 365 for educational institutions) to all the big schools and universities here in Switzerland for free. But I don’t know of any that will actually use it. The Patriot Act is a business killer. Most IT departments here also consider Google Docs and the likes as too dangerous. They’d only use that stuff if it was hosted in Switzerland and be protected by Swiss laws.
I mean, why should the US government have any right to access our data? No such right should exist for any government anywhere. That’s just insane.
Ask the folks that depend on tourists how they are doing with foreign tourists. Most tourists have a choice where they will spend their money. Why put up with laptop seizures, investigations into your background, TSA privacy violations, etc just to have someplace to go spend your money on holiday?
I’m afraid the only reason the US government wants access isn’t to prevent terrorism but rather because they are scared of their own citizens after all the crap they’ve pulled over security and privacy violations. Just because you’ve written and passed a law does not make it compatible with the citizens.
Re: Spending holidays in the USA
When I was young, I wanted to visit the USA, today I’ll take great pains to route my flights around it. I don’t care one bit for all the humiliation that can happen to you at US airports. I’m not saying that everything is fine in other countries, in fact they ramped the security theatre up a bit too, but it is nowhere near the palpable paranoia expressed at security screenings in the US.
If you have to travel to the USA at all, then the recommendation by business groups is to travel with wiped electronic devices or none at all. In either case the data will only be obtained after you made it out of the airport through encrypted connections to your servers at home. That is a major hassle but almost the only way you can prevent your data being siphoned off or you thrown into jail (though that seems more a British problem IIRC) until you hand out the password for those encrypted disks.
The Other Side of Responsibility
The problem with the PATRIOT Act is the fact that it’s a 1-way street. It’s worded such that all Due Process can be thrown out on a whim, and that’s not good, but that’s not the problem. The issue is that, after a citizen’s rights have been trampled on, they have no recourse, even after the fact. Many, many democracies around the world have a similar model to the patriot act – a guilty until proven innocent model, if you will – but the difference is that at least you are given a reasonable chance to prove yourself innocent soon after arrest. The burden of proof may be on you, but at least you DO have the oppritunity. With the PATRIOT Act, if you are arrested as a “terrorist” and it turns out somebody jumped the gun and has no evidence against you, you don’t ever have to be given the oppritunity to defend yourself. You could languish in prison – official or unofficial – for YEARS while your bills go unpaid, your family goes uninformed, your job, house, insurance, and even memories of your childrens lives are all lost to time. And then, once you get out and anre finally released back to the absolute shamble of a life you have left, what do you get? You get to sue the government, even if you can identify who took you, and then have a judge rule that you were taken legally under the PATRIOT Act and have no legal recourse. So now you can add a $25,000 legal bill to your lack-of-a-life.
Abolishing the Act is the best course of action, but if we can’t do that, here’s an idea: a federal fund to cover the costs, financially at least, of rebuilding your whole fucking life after you get out if no charges are files against you. Based upon your most recent tax return, adjusted for inflating, etc, enough to fund at least 2 years of your previous life without a job.
That, or rather than spending the untold millions on a system like this, we could just go back to the constitution that worked so well for over 270 years. Just a thought.
Why Not Encrypted?
I wonder why cloud providers aren?t yet offering a ?least-authority? filesystem like Tahoe, where only the customer can access the unencrypted bits, and any attempts by the cloud providers to tamper with the data will be detected. Then the US Government can wave it PATRIOT Act till it?s blue in the face, it still won?t be able to decrypt the data.
Re: Why Not Encrypted?
You generally don’t encrypt the location you store the database file because it’ll greatly degrade the performance, and you don’t encrypt every individual cell because if you so this, you lose indexed search functionality (say like ‘%abc’ syntax)
Re: Re: Why Not Encrypted?
Might be possible to still perform some operations on the server using homomorphic encryption.
Re: Re: Re: Why Not Encrypted?
And then they’ll make encryption of cloud storage illegal or mandatory to provide Government with the master key.
Re: Re: Why Not Encrypted?
In the case of the “cloud” you can’t really care about performance if you want any security at all.
Most Canadian businesses won’t use US based clouds given rulings by Canada’s privacy commissioner that the cannot share data with foreign governments without either a customer’s specific consent or a court order. Blanket bans exist on banking data except in special cases covered by specific intelligence and security needs. And medical data is not to be sent across the border at all, it must be retained in Canada.
Almost all of this came to pass following the passage of the PATRIOT Act. Until then law enforcement on both sides of the line co-operated and shared data as needed for investigations, business data was freely shared as was most other data. It only made sense to. It doesn’t anymore. Add that to lengthy border wait times and an increase in hostile US Customs agents Canadians are electing to stay home, as are Americans who actually need a passport to return back to the country they’re citizens of.
Goods and services are harder to get across the border in both directions and both federal governments are tearing their hair on out to repair a trading pattern built on easily crossed borders in both directions, which is no longer the case.
So no, it’s not good for business for the United States. Nor is it good for international business. Everybody loses.
Re: Re:
I work for a municipality in BC, Canada. I tried to implement an employee scheduling system based around Google Calendar, and I got shot down because my superiors thought they would get in trouble regarding the PATRIOT Act and so on. My one story is no biggy I’m sure, but this is a pretty common sentiment.
Re: Re: Re:
I’d agree they probably over -reacted but the privacy commissioner in BC has said that anything which exposes citizens to the terms of the PATRIOT act opens the municipality up to liability should private information get into hands of American agencies via the PATRIOT act. The Supreme Court of Ontario, if memory serves, has already agreed that that is the case.
Better safe that sorry.
Habeas Corpus
Since the US took a Canadian minor ( Arar ) and threw him into indefinite military detention after being blinded in a home invasion while the US Army was ‘hunting terrorists’ far from their home on charges later recanted by accusers… and subjected to torture…it’s been a hard call to convince Canadian judges to release on extradition people they are required to guarantee Due Process as part of the release conditions.
You even hear stories of how vans pulled by road tractors ( semis ) are X-rayed weekly.
Likely you didn’t realize foreign nationals are at an automatic disadvantage in a U.S. court even without the b.s. ‘fight against a tactic’….which is not accomplished by pioneering ever greater examples of implementing it.
I’ve stayed out of the prison to the south for several years now….and I grew up walking across the border almost as if it wasn’t there.
I do not use “the cloud” for many reasons,
oh – look there’s another.