The threat model is that the US government can either a) force the US-based employees of a US company to copy the data from EU to US and hand it to the US authorities, b) if not possible, force the US-based employees to order the EU-based employees in their reporting chain to copy the data from EU to US, or c) if not possible, order the company to circumvent any technical measures they have in place to make such copying of data impossible.
jsnell|1 year ago
The threat model is that the US government can either a) force the US-based employees of a US company to copy the data from EU to US and hand it to the US authorities, b) if not possible, force the US-based employees to order the EU-based employees in their reporting chain to copy the data from EU to US, or c) if not possible, order the company to circumvent any technical measures they have in place to make such copying of data impossible.