IETF Logo Mail Archive

Re: [ietf-privacy] Research Note on NSA/Snowden for EuroParl PRISM inquiry

Caspar Bowden <caspar@PrivacyStrategy.eu> Sun, 29 September 2013 20:16 UTC

Return-Path: <caspar@PrivacyStrategy.eu>
X-Original-To: ietf-privacy@ietfa.amsl.com
Delivered-To: ietf-privacy@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5288D11E8134 for <ietf-privacy@ietfa.amsl.com>; Sun, 29 Sep 2013 13:16:30 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.449
X-Spam-Level:
X-Spam-Status: No, score=-3.449 tagged_above=-999 required=5 tests=[AWL=0.150, BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CLkXtaJG5KWY for <ietf-privacy@ietfa.amsl.com>; Sun, 29 Sep 2013 13:16:24 -0700 (PDT)
Received: from relay5-d.mail.gandi.net (relay5-d.mail.gandi.net [217.70.183.197]) by ietfa.amsl.com (Postfix) with ESMTP id E30F821F9F62 for <ietf-privacy@ietf.org>; Sun, 29 Sep 2013 13:16:23 -0700 (PDT)
Received: from mfilter1-d.gandi.net (mfilter1-d.gandi.net [217.70.178.130]) by relay5-d.mail.gandi.net (Postfix) with ESMTP id C9DD141C067; Sun, 29 Sep 2013 22:16:11 +0200 (CEST)
X-Virus-Scanned: Debian amavisd-new at mfilter1-d.gandi.net
Received: from relay5-d.mail.gandi.net ([217.70.183.197]) by mfilter1-d.gandi.net (mfilter1-d.gandi.net [10.0.15.180]) (amavisd-new, port 10024) with ESMTP id KcQzO15t9fpB; Sun, 29 Sep 2013 22:16:10 +0200 (CEST)
X-Originating-IP: 178.197.239.73
Received: from [10.137.2.12] (73-239.197-178.cust.bluewin.ch [178.197.239.73]) (Authenticated sender: caspar@PrivacyStrategy.eu) by relay5-d.mail.gandi.net (Postfix) with ESMTPSA id 9E15841C075; Sun, 29 Sep 2013 22:16:07 +0200 (CEST)
Message-ID: <52488A80.1000306@PrivacyStrategy.eu>
Date: Sun, 29 Sep 2013 21:16:00 +0100
From: Caspar Bowden <caspar@PrivacyStrategy.eu>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130805 Thunderbird/17.0.8
MIME-Version: 1.0
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
References: <52457A8E.9090105@casparbowden.net> <524830AA.8080409@PrivacyStrategy.eu> <52483A3D.5060104@cs.tcd.ie> <52485F4A.8070805@PrivacyStrategy.eu> <52486B4B.2050408@cs.tcd.ie>
In-Reply-To: <52486B4B.2050408@cs.tcd.ie>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
Cc: ietf-privacy@ietf.org
Subject: Re: [ietf-privacy] Research Note on NSA/Snowden for EuroParl PRISM inquiry
X-BeenThere: ietf-privacy@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Internet Privacy Discussion List <ietf-privacy.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf-privacy>, <mailto:ietf-privacy-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf-privacy>
List-Post: <mailto:ietf-privacy@ietf.org>
List-Help: <mailto:ietf-privacy-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf-privacy>, <mailto:ietf-privacy-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 29 Sep 2013 20:16:30 -0000

On 09/29/13 19:02, Stephen Farrell wrote:
> On 09/29/2013 06:11 PM, Caspar Bowden wrote:
> Eh... not convinced by that one. Most people have a pretty low opinion 
> of their own government - familiarity, comtempt and all that:-) 

Yes, but the reality is that if you have Cloud (as computation) at all, 
then your own govt. is going to have laws to access that which is in 
it's own jurisdiction. That's all I meant. (and it is stuff in principle 
subject to the rule of law in that country)

>> ...If they do it, they are breaking the law (ECHR)
> So the benefit of a euro-cloud would be that it'd maybe (yes, Belgacom
> will be mighty interesting) de-motiviate other EU govts from surveilling
> EU citizens via data in that cloud.

For purely political purposes yes (they will still do it, but it will be 
illegal beyond a narrow meaning of "national security", not the carte 
blanche for foreign spying in FISA def,. of FII)

> Isn't that making the same error
> that your document rightly says the US are making in considering only
> the rights of US citizens?

No, because in Europe, rights apply irrespective of nationality (yes, it 
even protects Americans in America who might send their data to Europe)

> So fwiw, I'm not at all keen on that recommendation. Note that I only
> mean I disagree with the recommendation for this purpose, there are
> probably lots of other good reasons why locally provided services are
> a good thing. (Actually, I'd like this to go towards its logical
> conclusion that everyone have their own server box in their home,

I agree. But elastic scalable massively parallel computation cannot be 
disinvented (maybe it should be cos such centralization is always 
dangerous), and there will be a demand for that

> So while I don't know much about what makes good legislation, I do 
> know that the reality of making widely-deployed Internet protocols 
> more privacy friendly is that such work is most likely to be 
> formalised here in the IETF if at all. 

I agree - but that is no help to "the Cloud" as massively parallel 
computation

CB

v2.23.0 | Report a Bug | By Email