alt Hacker NewsDigital Sovereignty Becomes an Imperative as the US Reads Dutch Emails
Comments
The fact that government agencies, particularly those that deal with international concerns like these are using non sovereign tech for communications is mind-blowing. They might as well use public gmail.. atleast it would be cheaper. If you want it not exposed directly, host it yourself and take measures to secure it for intended eyes only. This should be common sense.
With DigiID, as with this, I never understood why countries give critical infrastructure contracts away from the country it directly impacts, provided they have a mature tech ecosystem. I thought the whole point was that it was critical?
In the meantime Belgian public sector will use Google Cloud, it seems: https://ittech-pulse.com/news/smals-partners-with-google-clo...
Is anyone building (open source?) G-Suite - I’m honestly tired of paying Google money and I think everyone needs independence.
Europe and many other nations will look back on the early 21st century and wonder how they ever thought it was a good idea to willingly give up so much soverignity to foreign powers
Encryption is what's important, jurisdiction gives a false sense of security. Nobody should prefer their messenger be server-side encrypted in Iceland rather than e2ee in China.
I self-host e2ee services instead of server side encryption, even though I control the server. It's one less point of failure.
If the data centers can't see the data they're just hosting encrypted data like a Tor node that sends along gibberish–that's the endgame. Remove extra trusted parties to minimize data.
This also applies to metadata, that can be encrypted. SimpleX has 0 user identifiers, Signal's sealed sender encrypts the senders identity. Every Monero transaction is in the publicly distributed blockchain, hidden.
The irony that it is data from civil servants that wan to implement the biggest central digital censorship endeavor in the western hemisphere.
They have been doing it for years? ECHELON isn't exactly new. Also, recent EU and UK actions are not exactly privacy friendly.
We've known this since the Snowden leaks 13 years ago. In a couple of years there will probably be a president in the US that will be more palatable for the european political class and we'll all be able to go back to pretending this doesn't happen.
After all the EU is too compromised energetically, militarily, industrially, burocratically and democratically to ever achieve independence. Talking about digital sovereignty as we ban construction of new datacenter is just too cute. This is all just political theater as we peacefully sunset into a museum continent.
Digital sovereignity is not enough. You need to get electronic communications completely off the internet.
One understated outcome of Trump 2.0 is waking up some sections of the European intelligentsia to the risk of dependency on the United States.
Trump 1.0 should've been enough, but instead European leaders were just too thankful for a Biden back-to-normal scenario that they basically took no action allowing the US to further extend its dominance.
Better late than never. Incidentally, trying to build EU tech independence should produce job making industries, so can become a populist move also
I was trying to read the article, but those animations kept distracting me.
The EU should fine such intentional violations with a billion euros per violation. That would stop this immediately and force cloud providers to split off their European side into separate companies that don't fall under US law.
yes, digital sovereignity of the individual.
What's the point of this when The Netherland, among some other EU countries is already all in into eternal Atlanticism.
It seems similar conversations are happening in Europe as well. Originally, Korea is a country where the 'pro US faction' (the faction that believes Korea should be subordinate to the US) is very strong by default. The US had a very strong influence on the establishment of the Korean government, and if you look back at Korea's history, it has always been about finding a country to serve. It feels like siding with the strongest power. In fact, the pro US faction is very strong, but there has also been a strong flow of security, bureaucratic, and economic elites who have justified dependence on the US as a national survival strategy.
But recently, after Trump, I have never seen anti American sentiment this bad. It is the first time.
Actually, it is natural. In my view, Trump's policies look very similar to the Indian caste system, and I think they are a serious regression for democracy. More than that, he is destroying all the international trust that the US has built up. In Korea, people used to think of the US as a 'just' country, but these days, people are cautiously mentioning US wrongdoing more often. Especially after the tariffs and the Iran war. I myself am now unemployed because my factory expansion was canceled due to the Iran war.
My country has a natural talent for impeaching presidents, but unfortunately, Americans do not seem to have that talent. What a pity.
US companies cannot comply with the GDPR because of the CLOUD Act. The two frameworks are fundamentally in conflict with each other and it seems to me that everybody in the EU knows about it, yet this is somehow swept under the carpet and ignored even by government authorities. I've always wondered why this is so and how these kind of dependencies could be allowed in the first place. It's even worse for AI use than it is for productivity suits and email.
This is entirely the wrong lesson to take from this. Why are we still using a plaintext protocol in this day and age? Why can we not get an E2EE addition to the email protocol with full backwards compatibility?
Yes, I understand that it would be imperfect since inevitably not all servers would support it thus forcing additional understanding and decisions on the end user. No, I don't care that a user other than myself might leak my messages in plaintext. Perfectionism in this regard only serves to further shoot us in the foot. Yes, I understand that key distribution is a difficult problem but then that's the case no matter the protocol. Other protocols have solutions that work reasonably well at this point.
There's no justification for the current status quo.
Alternatively I'd be fine using matrix for all my PII related needs (healthcare, government, subscription services, etc, etc) but somehow I don't see that happening any time soon.
[flagged]
[flagged]
Not the US but the Dutch state is the problem here. The powers that be know that US espionage is not only limited to some emails and also entails sophisticated industrial espionage and never cared. Now "suddenly" they want to do something about it. This is Not about Dutch interests / sovereignty - we need to find out what it really is about.
If a politically stable nation with a good international reputation were to guarantee government respect for data privacy for data centres housed on its soil and run by its companies, that nation could become the Swiss bankers of data.
Rolling your own "digital sovereignty" is not going to be cheap for most nations, and many other nations simply won't be trusted by anyone, least of all their own citizens.
It's a bit flabbergasting that U.S. tech companies didn't see this coming years ago and lobby hard for the U.S. to repeal anti-privacy legislation like the CLOUD act. Their lunch is sitting out in the open, completely unwatched, waiting to be eaten by somebody else and it's far too late to do anything about it.