Other HN readers are making some assumptions that I have to take issue with.
A1: Stories about this kind of thing are posted by people who want to take business away from the U.S..
This is possible, but there are a lot of people who value privacy too, and I suspect they are in the majority. Want to prove me wrong? Get polling.
A2: Everybody else is doing it, but only the NSA got caught.
First, this doesn't make it acceptable. Second, it's entirely possible not everybody else is doing it. Third, even if everybody is doing it, the U.S. has more money to pour into black-op projects than any other nation on Earth, so it's a safe bet that the NSA is, by far, the worst offender.
A3: Countries like China spy for corporate gain, but the U.S. would never do such a thing.
Right, the U.S. has never staged a coup or conducted a war that benefited U.S. corporations, and certainly wouldn't need intelligence to help with that sort of thing in the future...
-----
If you're okay with what the NSA has been doing, here's something to consider. Several years ago Sony got a lot of bad press for putting rootkits onto audio CD's. They wanted to stop piracy. Honest customers had nothing to fear from Sony! However, honest customers did have something to fear from viruses, malware, etc. that were subsequently written to exploit the security holes created by the root-kit.
The NSA is collecting data on you. You trust the NSA and your nation, so you're not worried about how they'll use that data. Fine. Do you trust everyone who works for them? You probably shouldn't. They certainly don't trust their own employees and they still got burned by Snowden! The NSA might not be looking at your data until you do something terroristy, but who else could have access to the NSA's data-stores? Would anyone know Snowden had stolen all those files if he kept quiet about them? Probably not. Odds are you're pretty boring and nobody is interested in what the NSA has on you. What if you were actually really interesting, and your enemies had a lot of money? Do you plan on becoming interesting at some point in the future, or are you firmly committed to being a bore until you die?
I am particularly annoyed at the "everyone is doing it" excuse. Everyone may want to be rolling with ten carrier battle groups in their navy, each equipped with an air wing capable of air-superiority, but only one country actually spends the kind of money to make that real.
Every government might have control freaks in it who WANT to implement pervasive surveillance. But most places don't have the budget for it.
Just wanted to contribute a data point regarding A3: In Sweden there's a widely known inventor (or patent troll depending on your view of patent enforcement by non-operating entities) called Håkan Lans. Back in the 90ties he sued Hitachi for infringing on his computer color graphics patent. According to a documentary recently broadcast on Swedish television one of the reasons he was able to win that lawsuit was that someone in the US intelligence community (in a formal or informal capacity) helped him with background information on Hitachi's expert witnesses. The motivation was said to be that US felt threatened by Japan in general, and IBM by Hitachi in particular.
There where many other accusations brought in the same documentary, some of which I'm sceptical about, but this particular one seemed plausible. I can't find anything about it online, but the documentary presented it rather matter-of-factly with lots of interviews etc. So for the ambitious it might be an opportunity to document a concrete case of A3.
For me, it boils down to a simple question: If the NSA doesn't intend to use my data or data about me for some malicious purpose, then why do they need it?
Outsourcing some defense and intelligence makes sense because the West is united and why waste money on redundant systems. The real problem is that America is not a superpower it is a hyper power. As Bill Gates said recently:
"Nation-state competition is not zero-sum competition. It was not good for the world for the United States to be so far ahead, for 5 percent of the global population to generate 30 percent of the economic activity and 60 percent of the scientific R&D."
But we don't want the world to catch up by the US slowing down but by the world speeding up, that way progress is more rapid.
I think NSA is a red herring here -- it may gave turned up the volume, but these are problems that exist no matter what.
If you are handling any data of significant value, storing it outside of the regulatory jurisdiction of your company and/or customers will increase risk and cost. Compliance requirements have already made it impossible for EU individual customer information to be stored in the US. Vice versa compliance has made it difficult for most healthcare or local US government data in Europe.
The customers of the Dutch cloud-services conpany I work for haven been demanding this for at least ten years. Snowden didn't change much there, it's been going on since the Patriot act. European Union privacy legislation demands that sensitive data is stored within the EU. Storing data in other countries is only permitted if a satisfactory level of protection can be offered. This was used in marketing by EU companies in order to promote their own services, effectively creating FUD around US-based services.
When the Amsterdam Internet Exchange (AMS-IX) recently opened up an office in NYC there was a big fuss about it, because it would make the entire Dutch internet traffic subject to the Patriot act, since it applies to any company with an office on American soil.
I've been dealing with this for what seems like ages now. At my last job I actually had to go a get a new service shut down because the people who provisioned it didn't realise or understand that it was a problem that all the PID was being stored in the US.
I've read the Safe Harbor rules and audit information and I don't trust it one bit. I really can't blame corporations, especially EU ones, from stating very plainly that they don't want their data stored in the US.
> European Union privacy legislation demands that sensitive data is stored within the EU
While this may be officially promoted as a way of protecting against EU citizens against NSA (US access) to the data, it is also a way for the EU to ensure that EU can get to the data when the EU wants access.
Everyone in Europe I talk to about online data agrees that this isn't empty talk. Practically it really isn't possible today to in a meaningful way avoid some of your data or data about your usage of the Internet to end up in the US.
But, I would argue that this is more of a change in mindset and awareness at this point, which eventually will force changes. Companies or local government will want their data to be stored in a jurisdiction where they at least have an influence over how it is protected. Balkanisation may be the result, or ineffectual laws and regulations, maybe even something useful. But I believe something will happen.
I'm surprised to see the focus on jurisdiction versus other more effective methods, like open-source encrypting locally prior to moving the data off-site. Key control and eliminating the need to trust third-parties is the way forward, not trusting that some government somewhere is going to follow the rules perfectly. This also has the added benefit of protecting against unauthorised third parties gaining access via back doors or hacking, etc.
These ineffectual laws and regulations you warn about are already in place. That's a dead end. It is time for people and corporations to take charge and make their data safe before it leaves their control. We've seen this happen on a big scale with Google now supposedly encrypting data between data centers, and on a (much) smaller scale with people like me using EncFS to encrypt before moving online backups to Dropbox.
That cuts both ways. As an US citizen, I have no reason to believe my data is safe, say, in Germany, and certainly not in France who have been caught using their spy agencies to spy on US companies before. What enforceable mechanism has the EU provided US citizens regarding data safety? How can I, as a US Citizen, audit what access an EU government has had to my data?
So, yes, Balkanization is the only likely outcome, without a one-world-government and one-world-policing.
Then you obviously didn't talk to the Swedish legislator that was perfectly fine with the fact that foreign surveillance agencies could read her email.
US companies would be lucky if all this did is reduce their international sales. That's just the tip of the iceberg.
By far the worst damage is all that lost capital is going to flow into helping to generate a vast supply of new and bigger competition overseas. So not only will the US companies lose sales in the immediate future, they'll face amplified competition that will hit sales even more so long term. Even if the US Government has cleaned up this mess by the end of the decade, it won't matter, the financial consequences will just keep rolling.
When it's all tallied up, I think the NSA and US Government abuses will cost the economy trillions of dollars in value over the course of a few decades. Something akin financially to a hundred September 11th attacks in damages. Oh the staggering brilliance of the DC machine.
I agree. I don't know how that number was reached, but if the potential for losses is $180 billion already, then the long term losses might reach $1 trillion, maybe more. There are so many companies that change so slowly. They probably won't give up on the US products and services within 6 months. It might take them 2 years, 3 years, or even 5 years. So there are probably many more foreign customers thinking about dumping US companies, but they just can't do it yet. But that doesn't mean they will get their future contracts if nothing (radically) changes until then.
This has been around for a while under the guise of "data sovereignty".
If you look back at search results for that term, there are now laughable comments particularly by Microsoft that your data is safe in the US because even the Patriot Act requires warrants right? Little did they know...
I'd argue that a company that explicitly agrees to work with the NSA, for example by handing them over Windows security holes to be exploited by the NSA (and potentially other hackers), knows exactly the kinds of things that are going on.
Even more ironic are the "digital safe harbour" provisions that cloud providers have been operating under, telling their clients that the law requires the US government to treat servers put under those provisions as not located in the US.
The irony being that since the servers are "not located in the US", they are even more easily targeted by the NSA since the NSA considers the rest of the world to be sub-humans without any rights.
Seems to me that the reality is that big businesses hold the leash of the US government, so this is as much a repudiation of them as it is the NSA, the Obama admin et al.
Microsoft, Google, Facebook, RSA and the rest deserve the shame and scorn they are receiving right now. I'm sorry if my techie friends working at those places are hurt by this, but I feel very betrayed by these companies' complicity in and taking moneys for all the surveillance and backdooring, etc. So, shame on you, I hope your brands aren't totally ruined.
This trend pre-dates the NSA scandal, at least from my European perspective. The US government has legally given it's intelligence and security agencies the right to secretly claim access to data stored by American companies including data not physically stored in the US.
As a result, it's not just a matter of non-US companies and citizens not wanting to store data with US companies, in many if not most cases it's not even legal for them to do so.
As a European company, I have to give certain guarantees about the protection and usages of privacy sensitive data. Storing it under the jurisdiction of a country that does not respect that is out of the question.
This has nothing to do with any illegal activities by the NSA or their non-American counterparts. This is the existing legal regime of the US.
Of course the NSA scandal has highlighted the facts that any guarantees the US so far has given about not abusing this are null and void. From the US can get use data, it has now become the US will us your data. That will significantly and irreversibly speed up the process of taking data out of US companies.
But the process itself had already started, it is just a very slow process (no corporation or government can drastically alter their IT infrastructure within a short term). The real effects won't be felt until another five to ten years, if not more.
I agree with most comments here. This was expected, these are not empty threats and no one is over-reacting. Everyone is just re-acting as they were expected too. Except maybe the Obama administration, which has to do some hard decisions. Snowden is growing stronger by the day now.
The part that caught my eye though was this:
> It's not all doom and gloom, however. Thompson's comments show that some U.S. firms stand to benefit from distrust of the U.S. government, and that a new model may be in the offing for protecting sensitive data from the NSA's prying eyes.
Apparently, Bloomberg sticks to the Liberal mantra that says more or less that when a market dies a new one emerges.
Maybe the 5% of affected population, in terms of companies, will build a new business model but how this is good news is beyond me. It's like when you listen people saying that YOU can now create a startup in TV because they saw a Steve Jobs 2-minute video documentary on Apple. People apparently don't know that for every successful startup there are 1.000.000 failed for no apparent reason.
This is good news in the same way that a broken window is good news to the glazier. The broken windows fallacy is alive and well in the media. Journalists are also trained to show "both sides" of the story even if the other side of the story is complete nonsense.
Spying is an age-old game and it's not just the US doing it ;) I'd love to see some leaks out of Russia and China. It doesn't matter where your data is stored if it's off-premises. If you were putting it in the cloud unencrypted, you were already at risk, Snowden or not. Intelligence agencies around the world recruit workers in tech companies, the company need not overtly cooperate to get screwed.
Countries around the world slurp up data over the wire, they just haven't been caught with their hand in the cookie jar yet. At least the NSA's massive data caches won't be easily hacked. Verint (just one of many companies in the surveillance space) has 75 countries as customers. There's a ton of sh*t going on under the radar. You may hate surveillance and want more transparency but nobody can pretend it's just the US doing this stuff.
No reason to leak anything from Russia. It's not a secret but a law here that SORM-2 devices are mandatory to install by each ISP (very small ISPs may wait for up to two years, though). It must have full access to mirrored traffic crossing the AS border and RADIUS traffic (in case of TACACS+ ISPs are also asked to reveal encryption keys).
While I suspect they're mostly laying dormant and don't think they're secretly massively abused in mass-surveillance, no idea what those black boxes are doing, though. The point is, they're here, they have full access, and they technically could be abused anytime, so don't transfer any sensitive data to or through Russia unencrypted. Like with any other country, possibly except for Equestria.
On top of that, I suspect some of the anti-US stuff posted is for the express purpose of gaining customers away from the US. (this may get downvoted, people may disagree, but I have no doubt it's happening)
What will the alternative cloud solutions be? I assume that many will rush to fill the gap as clients vacate US providers, offering increased privacy as a specific selling point.
As a non-US startup, we're still using Heroku and AWS because we don't have the resources to make the jump to something more secure, even though we'd really like to. As soon as an accessible alternative appears we'd switch in a heartbeat.
An interesting idea to conform to and one I am researching for a service I've been building. There is data in transit and data at rest. For many people I know, North America (I assume Canada and the US are one and the same, at this point) is the primary market/closest entry point. Do regulations require tracking data in transit thT may eventually be stored somewhere other than the US?
As far as I know, similar data locality guarantees are now hot topic in Germany and are often mentioned during sales pitches of SaaS platforms. USA shot itself in the foot and it is competition's holy duty to its shareholders to exploit it.
Well...if Americans cant get things changed with votes in their own democratic society, at least non-Americans can get things changed with their own wallets. (Debated using quotes around democratic...left 'em off after all...but it was close). Americans obviously can change things with their wallets, but it's more difficult, and involves a lot more steps like encrypting before sending, etc.
Actually the NSA's overreach is more a problem with the executive branch.
Congress tried to establish checks and balances over the intelligence community by establishing FISA after Watergate, but it wasn't enough. Judge Leon's ruling [1] actually discusses the shortcomings of the FISA court.
I've probably devoted more time on HN to discuss the reality of politics and government than to cover technology issues. At times I feel pretty bad about this. I've also been subject to a partial new post hell-ban which may still be in place (surprisingly enough, most of my new submissions are tech related). And, yes, I've felt bad about this from time to time, to the point of limiting myself to reading HN and not posting for weeks at a time.
As I have watched all of this NSA, IRS, ACA/Obamacare and big-broken-government nonsense has developed over the last, say, ten years or so, I can't help but think that the tech community needs to be shaken-up like this in order to finally abandon ship and start really using their brains politically rather than acting as mindless sheep following who knows what.
I'll issue a blanket statement and say that everyone reading HN is smart. About technology. Not necessarily about politics and the ways in which the world turns. And yes, I'll say it, there's a wide swath of HN'ers who have been indoctrinated by the left-leaning academia, media and the echo chamber of the circles they frequent and identify themselves with that they've stopped applying critical reasoning skills to their political life.
As I said here [0], you have to be smart about your politics if you want to succeed in business in general. If you are not, you run the risk of incompetent moronic government-originated factors affecting your playing field in small and major ways. And, by the way, it really doesn't matter if you are an employee or an entrepreneur, a union or non-unionized worker. When things like this start happening they affect EVERYONE and there's a chain reaction that will make things suck in a big way for all involved, at any layer and at every station in life.
What you want, in order to succeed, is as little meddling and interference as possible. No, I am not suggesting anarchy. That's bad. No, I am not suggesting no government. That's worst. What I am saying is that you want a small non-intrusive government at all levels, from local to federal. You want a government that truly has our long term best interests at heart and not one that is a partisan prostitute acting almost exclusively to keep their sick species and party alive at the expense of the opposition and, what's worst, you, me, our families and our very country. We might just be entering into a phase where we might just realize that terrorism can't even begin to match the level of destruction bad governments and their policies are capable of producing.
Yes, yes. Crazy talk. I really don't like talking this way. It's just that sometimes I feel like people need a collective slap on the face with a well timed "Snap out of it!" before they'll wake up and see what is really going on. Snap out of it! Get involved!
> rather than acting as mindless sheep following who knows what.
I'll tell you right now, that anyone who uses that phrase is more of a "mindless sheep" than those he criticizes.
> What I am saying is that you want a small non-intrusive government at all levels, from local to federal.
Not particularly. There is no intrinsic reason to want a "small government" over a large one (or vice versa). What you want is an effective government, that best matches your interests. Of course, everyone has their own interests, so the best rough metric that we've come up for maximizing the effectiveness of the government across the whole population, and minimizing its harm, are democratic institutions with various protections in place to prevent various types of abuses.
Likewise, you don't necessarily want small corporations or large ones. A large corporation has more power and is able to abuse that power more; but it is also frequently more efficient than having lots of small actors, as lots of transactions between independent actors can add friction and cost.
Distributed systems have problems, as they can exhibit lots of complex behaviors that can cause destabilizing feedback, and they can be inefficient. Centralized systems have problems, because they provide single points of failure or points of corruption that can be exploited for gain. Some balance between the two of them is necessary, and it's also necessary to spend effort on simply fixing problems that come up rather than thinking that every problem can be solved by adhering to some philosophy of "big government" vs. "small government".
> mindless sheep ... wake up and see what is really going on.
Did you really just write a long winded "wake up sheeple" post? Are you trying to be a self-parody?
Sorry, this small government lark is nonsense and irrelevant in this.
The Americans seem to bang on about small government constantly, and I cant imagine that in actual reality, the US government can't be proportionally as big as say the German or , I dunno, Japanese government, where they don't particularly bang on about small government in anything like the same way. If it is, as big or bigger, I suspect that is largely down to the insane huge military the same people who bang on about small government totally adore and idolise.
Interesting too that for some bizarre reason, you have managed to get in some Obama and health care stuff in too. Sorry, but most of the rest of the civilised planet has some form of universal health care. I dont see what that has to do with anything in this debate. If Americans don't want to look after their poorest, weakest and most vulnerable, then fine. Its not my country. But its got nothing to do with industrial spying.
Oh, I note you have not placed any blame on any republicans who were just a responsible for all this. I dont remember GWB being all liberal about freedoms.
Sorry, but from what I can see, the subtext in your post is basically a poorly cloaked attempt at a right wing agenda. And frankly I don't see that as any sort of credible answer.
This has been going on for at least a few years. Large financial institutions in Europe have contracts with vendors stating that servers cannot be hosted in the US because of all the warrantless snooping.
[+] [-] beloch|12 years ago|reply
A1: Stories about this kind of thing are posted by people who want to take business away from the U.S..
This is possible, but there are a lot of people who value privacy too, and I suspect they are in the majority. Want to prove me wrong? Get polling.
A2: Everybody else is doing it, but only the NSA got caught.
First, this doesn't make it acceptable. Second, it's entirely possible not everybody else is doing it. Third, even if everybody is doing it, the U.S. has more money to pour into black-op projects than any other nation on Earth, so it's a safe bet that the NSA is, by far, the worst offender.
A3: Countries like China spy for corporate gain, but the U.S. would never do such a thing.
Right, the U.S. has never staged a coup or conducted a war that benefited U.S. corporations, and certainly wouldn't need intelligence to help with that sort of thing in the future...
-----
If you're okay with what the NSA has been doing, here's something to consider. Several years ago Sony got a lot of bad press for putting rootkits onto audio CD's. They wanted to stop piracy. Honest customers had nothing to fear from Sony! However, honest customers did have something to fear from viruses, malware, etc. that were subsequently written to exploit the security holes created by the root-kit.
The NSA is collecting data on you. You trust the NSA and your nation, so you're not worried about how they'll use that data. Fine. Do you trust everyone who works for them? You probably shouldn't. They certainly don't trust their own employees and they still got burned by Snowden! The NSA might not be looking at your data until you do something terroristy, but who else could have access to the NSA's data-stores? Would anyone know Snowden had stolen all those files if he kept quiet about them? Probably not. Odds are you're pretty boring and nobody is interested in what the NSA has on you. What if you were actually really interesting, and your enemies had a lot of money? Do you plan on becoming interesting at some point in the future, or are you firmly committed to being a bore until you die?
[+] [-] Zigurd|12 years ago|reply
Every government might have control freaks in it who WANT to implement pervasive surveillance. But most places don't have the budget for it.
[+] [-] bjornsing|12 years ago|reply
There where many other accusations brought in the same documentary, some of which I'm sceptical about, but this particular one seemed plausible. I can't find anything about it online, but the documentary presented it rather matter-of-factly with lots of interviews etc. So for the ambitious it might be an opportunity to document a concrete case of A3.
[+] [-] seanccox|12 years ago|reply
For me, it boils down to a simple question: If the NSA doesn't intend to use my data or data about me for some malicious purpose, then why do they need it?
[+] [-] PavlovsCat|12 years ago|reply
[+] [-] bananacurve|12 years ago|reply
Only to the extent that intelligence has been outsourced to the US, at least in the West.
http://cphpost.dk/news/denmark-is-one-of-the-nsas-9-eyes.761...
Outsourcing some defense and intelligence makes sense because the West is united and why waste money on redundant systems. The real problem is that America is not a superpower it is a hyper power. As Bill Gates said recently:
"Nation-state competition is not zero-sum competition. It was not good for the world for the United States to be so far ahead, for 5 percent of the global population to generate 30 percent of the economic activity and 60 percent of the scientific R&D."
But we don't want the world to catch up by the US slowing down but by the world speeding up, that way progress is more rapid.
[+] [-] Spooky23|12 years ago|reply
If you are handling any data of significant value, storing it outside of the regulatory jurisdiction of your company and/or customers will increase risk and cost. Compliance requirements have already made it impossible for EU individual customer information to be stored in the US. Vice versa compliance has made it difficult for most healthcare or local US government data in Europe.
[+] [-] rgj|12 years ago|reply
When the Amsterdam Internet Exchange (AMS-IX) recently opened up an office in NYC there was a big fuss about it, because it would make the entire Dutch internet traffic subject to the Patriot act, since it applies to any company with an office on American soil.
[+] [-] thisone|12 years ago|reply
I've read the Safe Harbor rules and audit information and I don't trust it one bit. I really can't blame corporations, especially EU ones, from stating very plainly that they don't want their data stored in the US.
[+] [-] Nursie|12 years ago|reply
FUD?
No, it's been explicit in law for some time that people's data was protected in Europe in ways it wasn't in the US.
[+] [-] draugadrotten|12 years ago|reply
While this may be officially promoted as a way of protecting against EU citizens against NSA (US access) to the data, it is also a way for the EU to ensure that EU can get to the data when the EU wants access.
[+] [-] bjelkeman-again|12 years ago|reply
[+] [-] bjelkeman-again|12 years ago|reply
But, I would argue that this is more of a change in mindset and awareness at this point, which eventually will force changes. Companies or local government will want their data to be stored in a jurisdiction where they at least have an influence over how it is protected. Balkanisation may be the result, or ineffectual laws and regulations, maybe even something useful. But I believe something will happen.
[+] [-] tombrossman|12 years ago|reply
These ineffectual laws and regulations you warn about are already in place. That's a dead end. It is time for people and corporations to take charge and make their data safe before it leaves their control. We've seen this happen on a big scale with Google now supposedly encrypting data between data centers, and on a (much) smaller scale with people like me using EncFS to encrypt before moving online backups to Dropbox.
[+] [-] drone|12 years ago|reply
So, yes, Balkanization is the only likely outcome, without a one-world-government and one-world-policing.
[+] [-] yxhuvud|12 years ago|reply
[+] [-] adventured|12 years ago|reply
By far the worst damage is all that lost capital is going to flow into helping to generate a vast supply of new and bigger competition overseas. So not only will the US companies lose sales in the immediate future, they'll face amplified competition that will hit sales even more so long term. Even if the US Government has cleaned up this mess by the end of the decade, it won't matter, the financial consequences will just keep rolling.
When it's all tallied up, I think the NSA and US Government abuses will cost the economy trillions of dollars in value over the course of a few decades. Something akin financially to a hundred September 11th attacks in damages. Oh the staggering brilliance of the DC machine.
[+] [-] salient|12 years ago|reply
[+] [-] 001sky|12 years ago|reply
not to mention the waste of resources that spurnrd this on...
[+] [-] Maxious|12 years ago|reply
If you look back at search results for that term, there are now laughable comments particularly by Microsoft that your data is safe in the US because even the Patriot Act requires warrants right? Little did they know...
[+] [-] f_salmon|12 years ago|reply
I'd argue that a company that explicitly agrees to work with the NSA, for example by handing them over Windows security holes to be exploited by the NSA (and potentially other hackers), knows exactly the kinds of things that are going on.
[+] [-] swombat|12 years ago|reply
The irony being that since the servers are "not located in the US", they are even more easily targeted by the NSA since the NSA considers the rest of the world to be sub-humans without any rights.
[+] [-] EdSharkey|12 years ago|reply
Microsoft, Google, Facebook, RSA and the rest deserve the shame and scorn they are receiving right now. I'm sorry if my techie friends working at those places are hurt by this, but I feel very betrayed by these companies' complicity in and taking moneys for all the surveillance and backdooring, etc. So, shame on you, I hope your brands aren't totally ruined.
[+] [-] bowlofpetunias|12 years ago|reply
As a result, it's not just a matter of non-US companies and citizens not wanting to store data with US companies, in many if not most cases it's not even legal for them to do so.
As a European company, I have to give certain guarantees about the protection and usages of privacy sensitive data. Storing it under the jurisdiction of a country that does not respect that is out of the question.
This has nothing to do with any illegal activities by the NSA or their non-American counterparts. This is the existing legal regime of the US.
Of course the NSA scandal has highlighted the facts that any guarantees the US so far has given about not abusing this are null and void. From the US can get use data, it has now become the US will us your data. That will significantly and irreversibly speed up the process of taking data out of US companies.
But the process itself had already started, it is just a very slow process (no corporation or government can drastically alter their IT infrastructure within a short term). The real effects won't be felt until another five to ten years, if not more.
[+] [-] atmosx|12 years ago|reply
The part that caught my eye though was this:
> It's not all doom and gloom, however. Thompson's comments show that some U.S. firms stand to benefit from distrust of the U.S. government, and that a new model may be in the offing for protecting sensitive data from the NSA's prying eyes.
Apparently, Bloomberg sticks to the Liberal mantra that says more or less that when a market dies a new one emerges.
Maybe the 5% of affected population, in terms of companies, will build a new business model but how this is good news is beyond me. It's like when you listen people saying that YOU can now create a startup in TV because they saw a Steve Jobs 2-minute video documentary on Apple. People apparently don't know that for every successful startup there are 1.000.000 failed for no apparent reason.
[+] [-] bryanlarsen|12 years ago|reply
[+] [-] xacaxulu|12 years ago|reply
[+] [-] Paul12345534|12 years ago|reply
Countries around the world slurp up data over the wire, they just haven't been caught with their hand in the cookie jar yet. At least the NSA's massive data caches won't be easily hacked. Verint (just one of many companies in the surveillance space) has 75 countries as customers. There's a ton of sh*t going on under the radar. You may hate surveillance and want more transparency but nobody can pretend it's just the US doing this stuff.
[+] [-] drdaeman|12 years ago|reply
While I suspect they're mostly laying dormant and don't think they're secretly massively abused in mass-surveillance, no idea what those black boxes are doing, though. The point is, they're here, they have full access, and they technically could be abused anytime, so don't transfer any sensitive data to or through Russia unencrypted. Like with any other country, possibly except for Equestria.
Disclaimer: I work for an ISP.
[+] [-] pilsetnieks|12 years ago|reply
Oh, so it's ok then.
[+] [-] Paul12345534|12 years ago|reply
[+] [-] Paul12345534|12 years ago|reply
[+] [-] loomio|12 years ago|reply
As a non-US startup, we're still using Heroku and AWS because we don't have the resources to make the jump to something more secure, even though we'd really like to. As soon as an accessible alternative appears we'd switch in a heartbeat.
[+] [-] jmspring|12 years ago|reply
[+] [-] polskibus|12 years ago|reply
[+] [-] parag_c_mehta|12 years ago|reply
I just hope corporates put pressure on US government to back out of NSA treachery.
[+] [-] cpfohl|12 years ago|reply
[+] [-] puppetmaster3|12 years ago|reply
[+] [-] csense|12 years ago|reply
Congress tried to establish checks and balances over the intelligence community by establishing FISA after Watergate, but it wasn't enough. Judge Leon's ruling [1] actually discusses the shortcomings of the FISA court.
[1] http://legaltimes.typepad.com/files/obamansa.pdf
[+] [-] robomartin|12 years ago|reply
As I have watched all of this NSA, IRS, ACA/Obamacare and big-broken-government nonsense has developed over the last, say, ten years or so, I can't help but think that the tech community needs to be shaken-up like this in order to finally abandon ship and start really using their brains politically rather than acting as mindless sheep following who knows what.
I'll issue a blanket statement and say that everyone reading HN is smart. About technology. Not necessarily about politics and the ways in which the world turns. And yes, I'll say it, there's a wide swath of HN'ers who have been indoctrinated by the left-leaning academia, media and the echo chamber of the circles they frequent and identify themselves with that they've stopped applying critical reasoning skills to their political life.
As I said here [0], you have to be smart about your politics if you want to succeed in business in general. If you are not, you run the risk of incompetent moronic government-originated factors affecting your playing field in small and major ways. And, by the way, it really doesn't matter if you are an employee or an entrepreneur, a union or non-unionized worker. When things like this start happening they affect EVERYONE and there's a chain reaction that will make things suck in a big way for all involved, at any layer and at every station in life.
What you want, in order to succeed, is as little meddling and interference as possible. No, I am not suggesting anarchy. That's bad. No, I am not suggesting no government. That's worst. What I am saying is that you want a small non-intrusive government at all levels, from local to federal. You want a government that truly has our long term best interests at heart and not one that is a partisan prostitute acting almost exclusively to keep their sick species and party alive at the expense of the opposition and, what's worst, you, me, our families and our very country. We might just be entering into a phase where we might just realize that terrorism can't even begin to match the level of destruction bad governments and their policies are capable of producing.
Yes, yes. Crazy talk. I really don't like talking this way. It's just that sometimes I feel like people need a collective slap on the face with a well timed "Snap out of it!" before they'll wake up and see what is really going on. Snap out of it! Get involved!
[0] https://news.ycombinator.com/item?id=6961005
[+] [-] lambda|12 years ago|reply
I'll tell you right now, that anyone who uses that phrase is more of a "mindless sheep" than those he criticizes.
> What I am saying is that you want a small non-intrusive government at all levels, from local to federal.
Not particularly. There is no intrinsic reason to want a "small government" over a large one (or vice versa). What you want is an effective government, that best matches your interests. Of course, everyone has their own interests, so the best rough metric that we've come up for maximizing the effectiveness of the government across the whole population, and minimizing its harm, are democratic institutions with various protections in place to prevent various types of abuses.
Likewise, you don't necessarily want small corporations or large ones. A large corporation has more power and is able to abuse that power more; but it is also frequently more efficient than having lots of small actors, as lots of transactions between independent actors can add friction and cost.
Distributed systems have problems, as they can exhibit lots of complex behaviors that can cause destabilizing feedback, and they can be inefficient. Centralized systems have problems, because they provide single points of failure or points of corruption that can be exploited for gain. Some balance between the two of them is necessary, and it's also necessary to spend effort on simply fixing problems that come up rather than thinking that every problem can be solved by adhering to some philosophy of "big government" vs. "small government".
> mindless sheep ... wake up and see what is really going on.
Did you really just write a long winded "wake up sheeple" post? Are you trying to be a self-parody?
[+] [-] alan_cx|12 years ago|reply
The Americans seem to bang on about small government constantly, and I cant imagine that in actual reality, the US government can't be proportionally as big as say the German or , I dunno, Japanese government, where they don't particularly bang on about small government in anything like the same way. If it is, as big or bigger, I suspect that is largely down to the insane huge military the same people who bang on about small government totally adore and idolise.
Interesting too that for some bizarre reason, you have managed to get in some Obama and health care stuff in too. Sorry, but most of the rest of the civilised planet has some form of universal health care. I dont see what that has to do with anything in this debate. If Americans don't want to look after their poorest, weakest and most vulnerable, then fine. Its not my country. But its got nothing to do with industrial spying.
Oh, I note you have not placed any blame on any republicans who were just a responsible for all this. I dont remember GWB being all liberal about freedoms.
Sorry, but from what I can see, the subtext in your post is basically a poorly cloaked attempt at a right wing agenda. And frankly I don't see that as any sort of credible answer.
[+] [-] devrelm|12 years ago|reply
[+] [-] unknown|12 years ago|reply
[deleted]
[+] [-] stcredzero|12 years ago|reply