top | item 43855924

(no title)

Prunkton | 10 months ago

I dealt with a EU//German regulator in the past about this very topic in a finance context.

This behavior is peak willful ignorance. Its sold as risk planing by EU entities but after all its just liability planing.

What I mean by that is, for convenience reasons everyone goes along with US Clouds knowing it is technically absolutely possible to access the data but as long the contracts are clean and state they are following EU law its fine. Just in case you can make the point the contract was broken the paper is of relevance.

discuss

bux93|10 months ago

There are a few worries. The US government accessing private data is the one that gets this treatment. Sure, the contracts are not worth the paper they're written on, but it's a state actor - even if you store the data only on a USB stick in your wallet in the end they'll find a way to access it. Preventing data leaks to private parties is a more attainable objective, and using a US cloud might actually contribute positively to that.

The new worry is different; denial of service. Your bank can just Go Away one day. Like what happened to Amsterdam-based, but Russian owned, ATB bank. Its cloud resources were blocked and even the Dutch bankruptcy court had trouble getting access to the data to wind down the bank.

That's an existential threat. One you can ignore if your values are aligned with the US administration, but the administration is completely unpredictable, not to say nihilistic. This is making companies very (very) nervous, even without the regulator saying anything to them.

mawadev|10 months ago

The entire chain of command just diverts responsibility wherever they can and then base it off of some paper that has no meaning. In the end, the volume of data that is put up there would cause so much damage, you cannot really hold anyone accountable if stuff goes wrong. Sure a company may vanish or some money moves from A to B, but the damage remains. The entire concept of trust is flawed.