ninja-forms domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /var/www/html/wp-includes/functions.php on line 6114simple-custom-post-order domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /var/www/html/wp-includes/functions.php on line 6114wp-mail-logging domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /var/www/html/wp-includes/functions.php on line 6114health-check domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /var/www/html/wp-includes/functions.php on line 6114updraftplus domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /var/www/html/wp-includes/functions.php on line 6114rocket domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /var/www/html/wp-includes/functions.php on line 6114
The Verge reports how Microsoft and the US Department of Justice have withdrawn the Supreme Court Case about accessing data operated in different countries. The reason is that everyone accepted the new CLOUD act as good enough, something the Electronic Frontier Foundation strongly disagrees with. What does this mean for European and international companies handling data of European customers? We think that the full access guaranteed to US authorities and law enforcement means no US owned or operated cloud service can legally be used for any privacy-sensitive data of Europeans.
With Microsoft and other US cloud companies basically giving up the fight for privacy and security of their users, US legislation guarantees law enforcement and government agencies in general have full access to cloud data hosted by US companies. It does not matter if that data is located in the US, Europe, China or anywhere else. This means European companies who think they are safe and can ignore US law, using for example European-hosted services from US companies, are up for some potentially huge fines under the GDPR (or DSGVO in Germany).
What does this mean? Microsoft is pretty honest about it:
- We will not disclose data hosted in Microsoft business services to a government agency unless required by law.
- If we are compelled by law to disclose customer data, we will promptly notify the customer and provide a copy of the request, unless we are legally prohibited from doing so.
We know pretty much any request for data of companies or users comes with a so called ‘gag order’, forbidding any communication to the targeted organization or individual, so when the data is given, you won’t know. That’s one big advantage of a local data center: if you’re compelled to hand over data to a government agency, at least you’ll know and can take appropriate measures. And, of course, it can only be the government in the country you’re operating in – not the government of any country your hosting company operates in.
It should be rather obvious that when the US government can compel Microsoft, Google, Dropbox or others to hand over data of users and businesses (in secret), you can count on other governments to be able to do the same. From Australia to Zimbabwe, if Microsoft wants to have a presence, they have to and promised to abide by local law. And if that law requires them to hand over data and not talk about it, they will.
Perhaps you trust government 100% with the data of your customers. Maybe you don’t. In either case, if data of your customers leaks due to incompetence or malice of any of those governments that can compel your hosting provider to hand over data; or if your customers simply find out you (or your hosting provider) handed over data to the government of Zimbabwe, China, Japan or Monte Negro, lawful or not, they can sue you under the GDPR in Europe.
“When we have welcoming communities of contributors, open source software gets better and more useful to everyone.” Limor Fried, Electrical Engineer, Inventor and Founder of open-source hardware company Adafruit We believe in this ideal and love to work with our community. We are always looking to involve more people in Nextcloud, bringing in their ideas, […]
Read More
When cables are cut, sanctions are put in place or privacy legislation prohibits the use of the service your entire organization depends on, what can you do? Amidst geo-political changes, organizations face dependencies on large, centralized communication platforms. A major example of this is the SaaS-only communication platform Microsoft Teams. It is the only solution […]
Read More
In Nextcloud Hub 8, we introduced interactive widgets, a completely new mechanic that lets you share, access and interact with items from various apps in a compact widget format throughout your platform.
Read More
