Court Ruling Shows The Internet Does Have Borders After All (csoonline.com) 47
itwbennett writes: Microsoft's recent victory in court, when it was ruled that the physical location of the company's servers in Ireland were out of reach of the U.S. government, was described on Slashdot as being "perceived as a major victory for privacy." But J. Trevor Hughes, president and CEO of the International Association of Privacy Professionals (IAPP) has a different view of the implications of the ruling that speaks to John Perry Barlow's vision of an independent cyberspace: "By recognizing the jurisdictional boundaries of Ireland, it is possible that the Second Circuit Court created an incentive for other jurisdictions to require data to be held within their national boundaries. We have seen similar laws emerge in Russia -- they fall under a policy trend towards 'data localization' that has many cloud service and global organizations deeply concerned. Which leads to a tough question: what happens if every country tries to assert jurisdictional control over the web? Might we end up with a fractured web, a 'splinternet,' of lessening utility?"
I'll take the bait (Score:5, Interesting)
No, we just end up with these large corporations splitting up in entities that are harder to control (and tax). Microsoft will just transfer it's "data assets" to Microsoft Farawayistan just like it does with it's taxes to Microsoft Ireland. We may end up with all of the major data centers in South America, Japan and Eastern Europe and thus a shift of both tech, brains and money to countries that don't put up with idiotic lawmakers.
Re: (Score:1)
Then they have lost it.....
There are of course ways to "store" data so that nobody knows where it is (Freenet for example) but in that scenarios ....
1) you never know when the data will drop out of storage
2) I suspect that when they can't *prove* that the data is out of the jurisdiction, then they will probably go with the last entity "receiving money to store it"
So while it might be a good way for people (and maybe even corporations) to store their *own* data, I don't see how they can make a business model
Re:I'll take the bait (Score:5, Informative)
The Location of data has what to do with its movement around the world?
It always exists in at least one place.
Even that is not a given. Think about a RAID5 spread over several legislations, where each hard drive is in another country. No legislation has control over a complete set of the information in the RAID5, and only if one reads a sector of it, its parts get requested in the different locations and combined to the real data. And only if all but one legislations agree, you are able to get the complete information, as the data from n-1 stripes can reconstruct the original.
Re: (Score:2)
Re: (Score:2)
Think about a RAID5 spread over several legislations, where each hard drive is in another country.
Well, I thought about thinking about it, but given the implied latency, I should probably stop and wait a week before I decide if I decided to think about it, or not.
Re: (Score:2)
If yo
Re: (Score:3)
My favourite was an old p2p network - I think it was called OFF? It never caught on, but it had a very interesting concept.
Let's say you have a copyright-infringing file - call it Bieber-generic-love-song.mp3. You don't share it directly. When you put it into OFF, the client will see if it has a block of data of matching size or a little larger. If not, it'll create one - full of completely random bits:
Garbage1.bin.
Now, it takes your Bieber-generic-love-song.mp3 and XORs that with Garbage1.bin. That gives y
Re: (Score:3, Insightful)
I was with you until the 'idiotic' part.
The idea that cyberspace is space-less, that' it's some vague cloud beyond national laws, has also created lots of (privacy) problems.
I really like my EU protections, and I can see the oposite happening where something like "Our servers are located in the EU" becomes a mark of quality.
Re: I'll take the bait (Score:1)
Exactly. I live in the US and wish we had any data protections at all.
As to the 'concerns' of cloud providers and global corporations: fuck them. I don't care one bit of anything hurts them and if they cease to exist I won't shed a tear. All they do is steal jobs, lower salaries, hoard wealth, and generally do nothing that couldn't be done in ways that actually benefit real human workers.
Short answer (Score:5, Insightful)
Yes.
Long answer. China is quickly moving in this direction. 20% of the world's population is quickly moving towards being on an internet island. Currently, the great firewall is a black list. There is talk of it becoming a white list. Of course to get on the white list, companies will have to jump through all sorts of hoops. Including agreeing to terms such as recognizing Taiwan as part of China, that China owns the South China Sea, Japan sucks and the Chinese people are superior in every way, etc. Globally, all content from the company will have to follow rules to promote peaceful, happy society. Otherwise, you company doesn't get access to China. The sad part: most companies will agree in a heartbeat.
Re: (Score:1)
The sad part: most companies will agree in a heartbeat.
This. This. This. Companies are agreeing to cut their own throat in the greedy desire to have access to a country and government that does not play by any type of rules that are fair. In fact, the rules are stacked against any foreign company that wants to do business in China. Do I blame the government of China for making these rules? No, they are stacking the rules for their advantage, which is their right. But the for companies to knowingly grovel and cut their own throats because they will get a short t
Re: Short answer (Score:4, Insightful)
and yet the US government acts as if it has some sort of manifest right to said data wherever it may reside. Well, the data islands may be bad. but I'd sure hate for Herr Erdogan to determine that this post is inflamatory to him and that the US should just compel /. to unmask my anonimity so they can then compel US Marshalls to help facilitate my extradition to Turkey to whatever kangaroo court will soon be set up. Erdogan can just go suck on big Q and shove a big W up his ass.
tl;dr similar laws and policies protect people so why shouldn't data be protected?
typo (Score:1)
There's a typo in the last sentence:
Might we end up with a fractured web, a 'splinternet,' of lessening utility?"
should read:
"listening utility".
Actually, I've seen a vision of how it turns out. (Score:3, Interesting)
Turns out this is the setting of the world in which your character lives in Megaman Battle Network 2 (Nintendo GBA) [wikipedia.org]. Its not really the plot, but as a setting for a world it makes some interesting but subtle social commentary. First of all, it just assumes this is the "right way" for the internet to work and that it always has been thus, and doesn't debate it with you. You're along for the ride in a world where:
1) Just connecting to the internet in another country requires a Passport.
2) The internet is not as safe in every country. In fact, they're all incrementally more dangerous than your home country's internet.
3) The space on the internet between country jurisdictional borders is very hostile.
4) Viruses roam freely, attacking anything in their sight. Nobody seems to know why they are there. They just take for granted that they must always have been there or are naturally occurring.
The internet and data (Score:3)
Re: The internet and data (Score:2)
Re: (Score:2)
If it isn't physical, it doesn't exist; inside or outside the network.
Re: (Score:2)
It's physical at any one instant. It has to exist in some form - written in matter, or encoded in fluctuating electromagnetic fields.
Re: (Score:3)
I don't see what the hullabaloo is about.
Just wave your arms in front of your face while shouting buzzwords. Now, can you see what the hullabaloo is about?!?
As far as fractured... I'm not sure they understand the inter- in internet. If it was continuous, what even needed connecting?
The 90s called and want their cyberspace back (Score:4, Interesting)
Remember when tech pundits were talking like the Internet would transcend to become it's own nation that people would emigrate to and live in? Well shit turns out we still live in meatspace with countries and laws. And surprise, surprise so does our data. The cloud is just the new buzzword for the same concept without the people. I suppose companies will try to go jurisdiction shopping, but I doubt they'll succeed. The governments of the world will set requirements for dealing with their citizen's data and you'll either comply or get in legal trouble, like the EU's "right to be forgotten". Yes, it means data on the Chinese might stay in China but it might also mean data on US citizens stay in the US. Would you really like them to swap? Or do you just want to fulfill the NSAs wet dream that all data on everyone in the whole world go through the US? Seriously, for most of us local data is a good thing.
Incentives (Score:4, Interesting)
"it is possible that the Second Circuit Court created an incentive for other jurisdictions to require data to be held within their national boundaries"
No, the PATRIOT act and related laws regarding the (lack of) privacy for data held in the US did that ages ago.
Re: (Score:2)
Fine by me. If this country wants to go to war over the contents of my e-mail archive, go right ahead.
What's needed is a new architectural layer (Score:3)
which moves (encrypted) fragments of files around the world, ostensibly for performance and reliability reasons.
So it would act like a content delivery network does with whole files.
Except that this layer would be the default assumption for where you put data on the Internet.
Data in the new paradigm has no home physical location. It only has identity, and access rights granted by possession of decryption keys.
For data intended to be fully public, perhaps its metadata would be unencrypted in the layer, for searchability. But that would not imply a particular physical location for the data file payload itself. A search would result only in an identifier, which the layer infrastructure would locate an retrieve from multiple sources.
Data would automatically maintain sufficient worldwide distributed copies of itself, and the system would migrate (and cache) copies of data fragments closer to end-users of the data, based on speculative probabilistic co-access patterns. In other words, data would coalesce toward where it was needed, as an automagic feature of the distributed storage layer.
This kind of distributed encrypted storage layer thing (not owned by any single company of course, but rather both open/libre and partly peer-to-peer) needs to get implemented, and widely adopted so that it is a default assumption of how content on the Internet mostly works, BEFORE it is made substantially illegal by overreaching governments.
That's how to make the Internet remain borderless. Make it a fait accompli that is very hard to subvert technically without blocking nearly every ip address, which, if this is implemented right, could be a partial mirror of fragments of the content.
Re: (Score:2)
You just described Freenet. And a few others, though Freenet might be the best-known.
They never caught on outside of the paranoid-and-activist community, for practical reasons. When everything has to be proxied multiple times, performance utterly sucks - it's dialup-bad.
I've become something of a fan of IPFS. It's not designed to actively thwart monitoring and censorship efforts, so performance on it is actually... well, not great. But a whole lot better than Freenet. It is fully distributed and any conten
No (Score:4, Insightful)
The Internet has no borders. Court jurisdictions do however.
Countries might try to mandate local storage for their citizens' data. But that is authoritarian control over their citizens, not so much the Internet. Anyone reasonably motivated can still move their data to overseas services if they are willing to incur the risk.
Only the US (Score:1)
> what happens if every country tries to assert jurisdictional control over the web?
Compared to only the USA? Hopefully something more sane [less insane] will be established
Online privacy does not exist anyway, why bother? (Score:1)
Now of course it would be better to revise a few laws before enforcing transparency.
'Decentralized stripe set' (Score:1)
Re: 'Decentralized stripe set' (Score:1)
Dumb idea.
Encryption, compression and such can be implemented in ways that control access w/o requiring the overhead of byte splitting and dispersal around the world.
Currently mega.NZ offers 50gig of free cloud drive. Data is encrypted before it leaves my PC and decrypted as it returns. If I lose the keys it's impossible to reconstruct. More sophisticated systems encrypt multiple datasets with multiple keys.
If Jack Baur tortures a password out of you give him the one that unlocks furry porn instead of
Not control over the web (Score:2)
Other countries understandably want to assert control over their own data and keep citizens' data from being handed over to foreign countries at their whim. Companies want control over clients' data in the same way, especially when it is part of the agreement that clients are to ultimately have say over who can look at their data (such as private family pictures stored in the cloud under trust for backup purposes only, as an example). I think this is the concern, the "control over the web" bogeyman is not t
For The Record... (Score:2)
I only hope they know how to use Google today...