EU Citizens Warned Not To Use US Cloud Services Over Spying Fears 138
Diamonddavej writes "Leading privacy expert Caspar Bowden warned European citizens not to use cloud services hosted in the U.S. over spying fears. Bowden, former privacy adviser to Microsoft Europe, explained at a panel discussion hosted at the recent Computers, Privacy and Data Protection conference in Brussels, that a section in the Foreign Intelligence Surveillance Act Amendments Act 2008 (FISAAA) permits U.S. intelligence agencies to access data owned by non-U.S. citizens on cloud storage hosed by U.S. companies, if their activity is deemed to affect U.S. foreign policy. Bowden claimed the Act allows for purely political spying of activists, protesters and political groups. Bowden also pointed out that amendments to the EU's data protection regulation proposal introduce specific loopholes that permit FISAAA surveillance. The president of Estonia, Toomas Hendrik Ilves (at a separate panel discussion) commented, 'If it is a U.S. company it's the FBI's jurisdiction and if you are not a U.S. citizen then they come and look at whatever you have if it is stored on a U.S. company server.' The European Data Protection Supervisor declined to comment but an insider indicated that the authority is looking into the matter."
Here is a European Parliment Report (Score:5, Informative)
Here is a report for the European Parliament (Pdf) about cyber crime and privacy of Cloud services, co-written by Caspar Bowden, it discusses the ramifications of FISAAA. The salient section is "3.4. The inter-state/states/companies relation" on page 34.
http://www.europarl.europa.eu/committees/en/studiesdownload.html?languageDocument=EN&file=79050 [europa.eu]
Furthermore, proposed changes to the EU's data protection regulations will facilitate FISAAA. Specifically, if a Security Companies' audit of a Cloud Service uncovers U.S. spying, they will be obligated not to inform an affected EU company. I wonder what pressure the U.S. is applying to get this passed...
US lobbying waters down EU data protection reform [techweekeurope.co.uk]
"For example, IMCO voted to allow easier profiling of users by companies, and lessen the importance of reporting personal data breaches as soon as they occur. At the same time, most proposals to strengthen regulation were rejected.
Re:Obvious question (Score:2, Informative)
Jottacloud, qCloud, all the Scandinavian countries have super tight privacy laws, and except for sweden they don't really give into U.S. pressure..
Re:Megaupload Case *Already* Poisoned the Cloud (Score:4, Informative)
Cloud services effectively died that day.
I wish you were right, but you're not. Sadly, Stupid breeds way faster than Smart, so "cloud" subscriptions keep growing.
Re:Really? (Score:4, Informative)
Under the PATRIOT act, they can't show that to you.
The fact remains, they've been increasingly looking at people's things, bypassing judicial oversight, and generally running rough shod over parts of the Constitution with "Free Speech Zones", warrantless wiretaps and the ability to do "border stops" 100 miles from the border.
Seriously, have you not even been paying attention? This shit's been all over the news.