SoylentNews

Responsibility Deflected, the CLOUD Act Passes

posted by janrinok on Monday March 26 2018, @11:09PM   
from the does-any-other-nation-do-this? dept.

MrPlow writes:

Submitted via IRC for AndyTheAbsurd

UPDATE, March 23, 2018: President Donald Trump signed the $1.3 trillion government spending bill—which includes the CLOUD Act—into law Friday morning.

"People deserve the right to a better process." Those are the words of Jim McGovern, representative for Massachusetts and member of the House of Representatives Committee on Rules, when, after 8:00 PM EST on Wednesday, he and his colleagues were handed a 2,232-page bill to review and approve for a floor vote by the next morning.

In the final pages of the bill—meant only to appropriate future government spending—lawmakers snuck in a separate piece of legislation that made no mention of funds, salaries, or budget cuts. Instead, this final, tacked-on piece of legislation will erode privacy protections around the globe.

[...] As we wrote before, the CLOUD Act is a far-reaching, privacy-upending piece of legislation that will:

• Enable foreign police to collect and wiretap people's communications from U.S. companies, without obtaining a U.S. warrant.
• Allow foreign nations to demand personal data stored in the United States, without prior review by a judge.
• Allow the U.S. president to enter "executive agreements" that empower police in foreign nations that have weaker privacy laws than the United States to seize data in the United States while ignoring U.S. privacy laws.
• Allow foreign police to collect someone's data without notifying them about it.
• Empower U.S. police to grab any data, regardless if it's a U.S. person's or not, no matter where it is stored.

Source: https://www.eff.org/deeplinks/2018/03/responsibility-deflected-cloud-act-passes

See also: As the CLOUD Act sneaks into the omnibus, big tech butts heads with privacy advocates

---

Original Submission

• Re:Unforseen consequences might benefit us all? (Score: 2) by NotSanguine on Tuesday March 27 2018, @12:02PM

  by NotSanguine (285) <{NotSanguine} {at} {SoylentNews.Org}> on Tuesday March 27 2018, @12:02PM (#658930) Homepage Journal

  Sorry, I didn't make it at all clear what I was getting at.

  No need for an apology. You were pretty clear, as I understood you to mean exactly what you elucidate below.

  Google, for instance, relies on customers' content on its services for its advertising algorithm (of course).

  Currently, files are not encrypted before being stored on its servers, and if an app were to appear that encrypted the file locally, before being uploaded, my guess is that Google might stop that - because naturally they then lose their source of revenue.

  Yes. That's true. And a better rationale for not letting Google anywhere near my data I've yet to hear.

  However, if there was a demand by customers to have their files held in an encrypted form, perhaps Google would themselves begin encrypting files, -after- they have logged, say, the name of the file and its format?

  So it's a compromise - Google gets data for its business, but customers' files are stored encrypted.

  Absolutely. And if you're willing to hand over your privacy to some corporation, I can't (and wouldn't try to) stop you.

  I would point out that there are alternatives that don't include providing your private data, personal preferences and other information to a company that exists to gather and sell such information. Alphabet doesn't have a market cap of ~US$750Billion because google doodles are so pretty.

  That compromise is more than I want to give up for disk space.

  It's not ideal - but why else would Google offer 'free' storage?

  And it's a little bit more secure and private, in that anyone gaining access to those files subsequently will be unable to examine them...?

  No. It's not ideal. And it's not free storage either.

  If it was private, *no one* would be able to read the data except the data owner.

  And its not secure, If Google can read such data, even if it was subsequently encrypted, it is no longer secure. As they may retain a copy of the un-encrypted data and/or retain keys to decrypt that data.

  So no, it's not more secure and private either.

  Please understand, I'm not trying to attack *you* here. But Google is *not* some sort of uninterested observer, who just takes your info so they can satisfy some nebulous "advertiser", and it really doesn't impact you in any real sense.

  The more information you give Google, Facebook, your phone provider, your ISP, etc., etc., etc. helps to create a more and more detailed picture of *you*.

  If you don't mind that large corporations create detailed profiles of your private life, your professional life, your purchasing habits, your reading habits, your listening habits, your financial situation, and on and on. Then those same corporations sell each other that data so that they can aggregate clearer and clearer pictures of who *you* are. And what *you* specifically have done and likely will do.

  No. You can't avoid it completely, but you can limit how much information is being collected about you.

  In some ways, corporations having this data is more insidious than government. But since they are businesses, as long as a government is willing to pay, they will be happy to sell it to them -- although many governments will use their legal power to get it for free. Either way, the result is the same.

  --
  No, no, you're not thinking; you're just being logical. --Niels Bohr

  Parent

  Starting Score:	1		point
  Karma-Bonus Modifier		+1
  Total Score:		2