From: ithinkiam@gmail.com
Frank Slootweg wrote:
> Chris wrote:
>> Frank Slootweg wrote:
>>> John wrote:
>>>> On Wed, 21 Jan 2026 20:03:53 +1100, Daniel70
>>>> wrote:
>>>>
>>>>> On 21/01/2026 5:18 am, Maria Sophia wrote:
>>> [...]
>>>>>> which means my medical and financial records are in a Veracrypt
>>>>>> encrypted volume while my passwords are in KeepassXC on Windows (with
>>>>>> compatible apps for them on Android).
>>>>>
>>>>> Too Hi-Tech for me. ;-P
>>>>
>>>> Yeah, best to let your G.P. and clinics sell your data to a variety
>>>> of commercial entities and ultimately to Apple, Microsoft and Meta.
>>>> Those guys keep *everything* and they keep it *forever*. You know that
>>>> your data is secure and safe with them.
>>>>
>>>> UKland, where our Government *protects* our valued, private,
>>>> confidential data really, really well so we don't need to.
>>>
>>> I assume that also that last remark was sarcasm, because, like most
>>> European (and other) countries, your government is probably also using
>>> 'services' from US companies, which fall under US jurisdiction,
>>
>> Incorrect. In fact the opposite is true. The UK forced Apple to drop
>> advanced device protection capability on iphones.
>
> That's not the opposite of UK government using US controlled services.
The point is that US organisations fall under non-US jurisdiction of the
state in which they are operating. Not the other way around.
>>> even if
>>> the servers containing your data are in the UK. So the US
>>> administration, etc. can not only access your data,
>>
>> They cannot access your data if the system is set up properly (i.e.
>> encrypted).
>
> I'm not talking about 'my data' from my devices, but about my data as
> it is stored in governmental (etc.) systems which use US services,
So am I. Good practise is that data are encrypted at rest. GDPR controls
how personal data are used. Not US jurisdiction.
> which
> fall under US jurisdiction. *That* data might well be not encrypted or
> it may be encrypted, but the US government might be able to access it
> anyway.
That would contravene EU law. And we know how capable the EU are at keeping
tech companies to heel.
> We (in The Netherlands) actually have such a pending case where a
> Dutch service provider for governmental services, which affect *all*
> citizens, is about to be taking over by a US company, which will cause
> it to fall under US jurisdiction. If that happens, the US administration
> will be able to see which people login when to which official sites,
> including tax office, hospitals, etc., etc.. And we might not be able to
> stop this takeover, because the argument that our 'friends' are no
> longer our friends might be overruled by anti-competition laws/rules.
Although I agree we on this side of the pond need to look more carefully at
data sovereignty including our data infrastructures, I do also feel the
level of risk is very overblown.
The reality of the US administration getting access to all our MS Word
documents is nigh on impossible.
Having said that there are moves in this space. France have established a
wholly France hosted MS Azure platform called Bleu. It's taken many years
to implement and am not sure how well it works.
https://www.bleucloud.fr/
In Germany, AWS is building a sovereign cloud with plans to roll out more
across europe.
https://aws.amazon.com/blogs/aws/opening-the-aws-european-sovereign-cloud/
With an unstable administration in the US, these are all moves in the right
direction.
--- SoupGate-Win32 v1.05
* Origin: you cannot sedate... all the things you hate (1:229/2)
|
