It's not even just data stored on US servers. According to the CLOUD Act, any data stored by a US company, regardless of location, can be demanded by any authority in the US.
No sovereign nation should use US companies for data storage or processing. Period.
The attempts to shift to open source or non-US services are inevitably hobbled by US companies lobbying (read: bribing) politicians.
European countries aren’t known for strong privacy against the state. There are exceptions, but the EU’s “privacy rights” are almost exclusively against corporations.
American privacy, by contrast, is almost exclusively focused on state surveillance.
There are holes, the biggest being that foreigners on foreign soil have no privacy rights. Nor do the dead.
But I’m not impressed with the “rights” Europeans have against state surveillance.
Europeans aren’t willing to spend the money to do massive spy programs. Ok, fine. But that’s not the same as having civil liberties opposition.
Switzerland has a reputation, good and bad, for strong privacy. But that’s not the norm.
I read an article that dug into public GDPR cases, which is a surprisingly small set, and it explained they have had a near zero impact on the massive advertising and data broker industry. They mostly just have a large back log of legal cases against large US companies like Google which occasionally result in fines - but even that moves very very slowly and has little impact on their global business models. They do also occasionally charged a few smaller European companies a few grand for violations.
The key thing is that companies like Google and Meta run giant ad networks, there's many thousands of companies buying ads then collecting data in their own systems and reselling it.
The privacy issues of data retention on Google/Meta/etc social and SaaS platforms is something to care about but it is only a small piece of the puzzle of data privacy.
Ads will remain a major business for the foreseeable future as nobody is going to pay $5/m to use Instagram with no data collection.
I’ve read the GDPR has zero impacts on national security/law enforcement. It applies weakly to other state functions.
I’ve also seen cases where GDPR is used against religious groups that have a strong religious justification for keeping lists of believers. Think Orthodox Jews and the Catholic Church, which regard family trees and baptismal certificates as semi-sacred. And kept on paper or scrolls.
Not sure what to think about that. Regulating a sacred scroll like a database table seems wrong.
The reason why we're not keeping lists of which people believe what religion, is because such lists were extremely useful to the nazis in WW2 when exterminating Jewish people.
> Think Orthodox Jews
Pretty sure they would remember why this is the case.
> Regulating a sacred scroll like a database table seems wrong.
There is actually no perceivable or material difference between something that is considered "sacred" and that which is not. It really hinges on whether some subset of some splinter of some religion considers it so.
But, I'm not familiar with these cases you mention, I think there's some details left out that should matter. The really weird thing to me, is that a sports club can keep a list of members easily (yes they need to abide by the GDPR but it's not hard), and if somehow a "religious group" can't manage that level of organization, I don't think their opinion on what objects are considered "sacred" should count for much, either.
Another issue is that "religious groups" can have a different opinion of who are their members and who they get to keep data on, and it doesn't matter whether those records are "sacred" or not, according to the GDPR it is not the "religious group", but the people whose data is being kept whose opinion counts. It would be ridiculous otherwise. I had to email a Church to stop tracking me (which happens if you're baptized as a baby), and that should be my choice, it would be insane if they could claim "yeah tough luck, but our records are sacred".
> There is actually no perceivable or material difference between something that is considered "sacred" and that which is not. It really hinges on whether some subset of some splinter of some religion considers it so.
What? To many people, the Bible is just a book. To Christians its sacred. This doesn't mean it's immutable (the original Bible wasn't in English after all), it just means it's important to them.
For the records, the records themselves could be sacred, but the practical implications of them are not sacred. But if Catholics have a sacred record of everyone who had been baptized at a church, then that should be different from their mailing list. God did not instruct the chrich to email everyone who was ever baptized there. Plus, at some point in the church's age, there will be more dead people on the list of people who were baptized than alive people. It doesn't make sense to send an email blast to more dead people than alive, so they must trim the mailing list every so often.
Well YouTube offers a no ads version for money. I personally don’t see a realistic alternative to ad supported social media so you’d have to ask someone who does think that.
You could merely be convinced by one. That is sadly an unpaid position though.
But more seriously, this discussion has come up so many times on this site, that I could instantly find myself talking about it a handful of times at least:
And that doesn't even go into whether sites actually need to ask for cookie consent at all if they aren't collecting user data outside of functional necessity (they don't).
They should not be. That there is people willing to give their data to big corporations and foreign countries by extension puts everybody at risk. It is a matter of national security and it should not be allowed, no opt in option.
> Lately the EU Commission came up with a plan to create an inventory of every single valuable items owned by every single EU citizen: from Magic The Gathering and Pokemon cards to jewelry/heirloom, paintings, gold and silver coins/bars, cryptocurrencies coins, watches, cars, boats, etc. Anything with some value: would go in the inventory.
>The European Parliament asked the question: "Can you guarantee us this will never ever be used as a basis to confiscate these items?" to which the European Commission answered: "No, we cannot guarantee that".
Excuse me for not taking this at face value but this sounds like disinformation. Where did you get that from?
After quickly googling, it seems that the plans do not go as far as they make them out to be. The things to be catalogued are only those relevant in the fight against money-laundering. That's hardly "full commie style inventory of every single item with any value".
> And it's obvious that either taxation of confiscation is the end goal.
And? Money is, and has always been, the government's stuff, the rest of us use it because it is helpful stuff, it is helpful stuff only to the extent that some government maintains it (and when they don't maintain it correctly it stops being useful, see all examples of hyperinflation). There's a reason the Bible says "Render unto Caesar what is Caesar's".
I've seen a flat that was funded by the sale of an inherited stamp collection which was valued at £1 by the tax people. When I saw the tax statement, I thought someone must have made a mistake, then the rules were explained to me and I thought it was madness.
I mean, it is very useful to keep in mind that for any question of 'can you guarantee that X government system won't be used for Y in the future' the answer is 'no', because the government is what makes the rules. That would hopefully work to prevent X being built, but I think it's better than pretending that it's possible to guarantee Y won't happen.
It's not clear on my end what scenario you're talking about here.
Are you talking about a potential situation where a Drugs-R-Us are using (for example) an American service, but directing them to store it on EU servers?
Or are you talking about Drugs-R-Us using a non-American service in general?
> Then they can put all their data in EU servers and not worry US authorities can look at it even with a valid warrant and a court order.
Ah, Americans. "Valid warrants and court orders" are national. Unless there are international agreements (of which there are many), whatever Bumf** PD, Oregon does should have no impact on what a Lithuanian server hosting company does. Of course, this is not how it works in real life and many non-Americans consider that abusive, and rightfully so.
FYI - this kind of extra-territoriality was what started WW1. An ethnic Serb Bosnian (Gavrilo Princip) shot the Austro-Hungarian heir apparent and as a result Austria-Hungary sent Serbia an ultimatum.
The ultimatum contained lots of harsh terms, which Serbia accepted, except for 1. The term they refused was to allow Austro-Hungarian police, prosecutors, judges to directly investigate, arrest, prosecute and imprison Gavrilo's possible collaborators. And the reason they refused that was because it's basically giving up sovereignty. Once you let another country send their police force investigate, arrest, prosecute and imprison whomever they want, they have full control. They can imprison your prime minister and you have no recourse except for starting a war.
So Serbia accepted that if it wanted to remain independent, it would have to accept fighting a war.
> Then they can put all their data in EU servers and not worry US authorities can look at it even with a valid warrant and a court order.
I have yet to see the EU ignore a valid judicial warrant except in the most extreme cases.
The point, however, is that you have to have a valid judicialwarrant and not some random-ass piece of paper generated by Adderall-addled sycophants of fascist South African nepobabies.
By many measures Europe is in fact pretending to be sovereign. I think it is what they are attempting to do at the moment, "stop pretending to be sovereign" and actually BE sovereign. At least that seems to be the claimed attempt.
If anyone is not sure why I would say that Europe is not sovereign, I will answer that question if you ask, but considering the current state of things and even just this discussion about data sovereignty and other related topics about using and deploying European technologies; I suspect most, if not all have a sense that Europe is in fact not sovereign... and that's without even pointing out huge elephants in the room like the 275 US military installations across Europe, and not even to touch on the fact that NATO is really just ** pulls curtain back ** SURPRISE! ... America, Europe Division.
US abducted the leader of a sovereign in a night without having any military installations in his country. Sovereignty is very brittle in this context. I am sure an unprepared installation can still be useful if need be. But in any case no need in sight. Europe is not sovereign because it’s not a nation, it’s a loose union with very limited actual integration outside the integration required to facilitate easier trading from strong industrial economies to their poor neighbours. There is nothing to be concerned about in this space for the US until someone in Europe (France or Germany) actually becomes more dangerous to Europe than the US.
I don't think GP was implying anything about US military fighting against Europe? Just that having another country's military all up inside your country is weird from a sovereignty perspective.
The rest of NATO has more soldiers than US. Would US win? Maybe. But how many millions dead Americans? US lost in Afghanistan and there they just fought terrorists.
The US (like any country) struggles in asymmetrical/guerilla warfare. It always devolves to the famous statement by a US officer during the Vietnam war that “We had to destroy Ben Tre in order to save it.”
If the gloves were off then the equation would be different. A fight with the rest of NATO would be conventional warfare where the US has a giant advantage.
> A fight with the rest of NATO would be conventional warfare where the US has a giant advantage.
Given NATO contains three nuclear powers, a full on fight between the US and the rest of NATO would be an "everyone loses" scenario. Even if the US did a first-strike that somehow eliminated all the French and British nuclear submarines, simply losing the EU as customers and suppliers would likely double US unemployment and push inflation to 10%/year for the next decade (hard to be sure though, see Covid influence on supply chains).
Actually getting hit back by retaliatory strikes by either France or the UK independently would be in the order of multiples of US annual GDP in physical damage. France has enough that even if 80% of their missiles were stopped, they'd still be able to hit every US state capital (though why would anyone care to attack Alaska or Hawaii if they're nuking all the rest?)
As per estimate from 2005, even just a single 100 kT nuke in the right place would have an impact equivalent to the US GDP at the time:
The results of our analysis are shown in Figure 4. As anticipated, the economic consequences are highest for the largest nuclear weapon yield and the most conservative cleanup level. New York City nets the highest economic damage across the cleanup spectrum, because of its dense population and high value real estate. Note that the economic consequences for New York City across almost every cleanup level meet or exceed $10 trillion, which is roughly equivalent to the annual Gross Domestic Product (GDP) of the U.S. economy.
Good luck resisting nukes on American cities. It will be easier to occupy all of China than trying to occupy the rest of NATO. No one seriously thinks US could defeat and occupy rest of NATO.
How many million Americans dead to capture it? How many million Americans will die during the occupation when we resist? Does Americans even wanna go to Europe and occupy Europe and have a legitimate target on their back?
What is even the longterm plan? Concentration camps? Or do you think people will suddenly accept American occupation?
>The rest of NATO has more soldiers than US. Would US win?
what are you even talking about? nowhere is anybody on any side even hinting that the problem with NATO is it stops the EU from having a war with the US.
the problem with NATO is that it shares a burden and some feel they don't want to pay their obligations and some feel their share is too much, and then it was based around invasion of the territories of western and then middle europe, and ukraine came along and it's a serious threat to middle europe but its not covered by NATO.
If US invades a NATO country it has to fight all of NATO. Trump says he plans to invade Denmark. Do you deny that Trump said he might invade and occupy Denmark?
No sovereign nation should use US companies for data storage or processing. Period.
The attempts to shift to open source or non-US services are inevitably hobbled by US companies lobbying (read: bribing) politicians.