From: this@ddress.is.invalid
Chris wrote:
> Frank Slootweg wrote:
> > Chris wrote:
> >> Frank Slootweg wrote:
> >>> John wrote:
> >>>> On Wed, 21 Jan 2026 20:03:53 +1100, Daniel70
> >>>> wrote:
> >>>>
> >>>>> On 21/01/2026 5:18 am, Maria Sophia wrote:
> >>> [...]
> >>>>>> which means my medical and financial records are in a Veracrypt
> >>>>>> encrypted volume while my passwords are in KeepassXC on Windows (with
> >>>>>> compatible apps for them on Android).
> >>>>>
> >>>>> Too Hi-Tech for me. ;-P
> >>>>
> >>>> Yeah, best to let your G.P. and clinics sell your data to a variety
> >>>> of commercial entities and ultimately to Apple, Microsoft and Meta.
> >>>> Those guys keep *everything* and they keep it *forever*. You know that
> >>>> your data is secure and safe with them.
> >>>>
> >>>> UKland, where our Government *protects* our valued, private,
> >>>> confidential data really, really well so we don't need to.
> >>>
> >>> I assume that also that last remark was sarcasm, because, like most
> >>> European (and other) countries, your government is probably also using
> >>> 'services' from US companies, which fall under US jurisdiction,
> >>
> >> Incorrect. In fact the opposite is true. The UK forced Apple to drop
> >> advanced device protection capability on iphones.
> >
> > That's not the opposite of UK government using US controlled services.
>
> The point is that US organisations fall under non-US jurisdiction of the
> state in which they are operating. Not the other way around.
No they don't. That's the whole point. If the US governement, law
enforcement, etc. demand data from US companies, even if the data is
stored on systems outside the US, the US companies have to come up with
the goods. If they don't, these US companies get into trouble with *US*
law. These companies might *also* fall under the respective non-US
jurisdiction, but for *them* the US jurisdiction overrides anything
else. For my blood pressure's sake, I don't keep detailed track of these
US laws, but I *think* this one is called the Cloud Act or some such.
The US has several of these kinds of laws, as ridiculous as they might
seem. Another one is their 'right' to attack the ICC (with military
force and all) in case US officials, military, etc. are held by the ICC
against the US' will. (Guess, where I live? :-()
> >>> even if
> >>> the servers containing your data are in the UK. So the US
> >>> administration, etc. can not only access your data,
> >>
> >> They cannot access your data if the system is set up properly (i.e.
> >> encrypted).
> >
> > I'm not talking about 'my data' from my devices, but about my data as
> > it is stored in governmental (etc.) systems which use US services,
>
> So am I. Good practise is that data are encrypted at rest. GDPR controls
> how personal data are used. Not US jurisdiction.
>
> > which
> > fall under US jurisdiction. *That* data might well be not encrypted or
> > it may be encrypted, but the US government might be able to access it
> > anyway.
>
> That would contravene EU law. And we know how capable the EU are at keeping
> tech companies to heel.
Yes, but if US tech companies have to choose between the demands of
the US administration and those of the EU, guess who they are going to
obey?
Again, look at the (now snipped) ICC examples I gave. They will not
(yet?) shut down a whole facility/country/, but they *do*
shutdown individual people (and threathen those who continue to provide
services to those people).
[Examples of European/EU sovereignty projects (Thanks!) deleted.]
> With an unstable administration in the US, these are all moves in the right
> direction.
+
--- SoupGate-Win32 v1.05
* Origin: you cannot sedate... all the things you hate (1:229/2)
|
