[jimbob45]

Isn’t this sort of what we accuse the Chinese of doing? The US designs the technology and then the Chinese manufacturers steal that design to make their own?

Except now, the EU is more or less forcing American companies to sell unaffiliated spin-offs to the EU to continue doing business there. Seems a bit underhanded to change the rules now after so long, especially considering the fact that the EU can’t make these companies for themselves or they would have already.

[ad404b8a372f2b9]

I hope you are aware that "the cloud" is not some secret, mysterious piece of technology that the EU can't figure out. We have software engineers as well as data centers and EU-based cloud companies. Digital consumer networks were established here long before the U.S and the internet was invented here. Your arrogance is grating.

[chrisseaton]

> the internet was invented here

In Europe?

[lizardactivist]

They mean the WWW, which is really what the Internet has always been about. And yes, it was invented in Europe.

[kazinator]

The web browser which actually made the web usable and popularized it was Mosaic.

"Mosaic was developed at the National Center for Supercomputing Applications (NCSA) at the University of Illinois at Urbana–Champaign beginning in late 1992." -- Wikipedia

Other than Linux's European origin, Europe has not produced any viable operating system or browser. It continues to rely on key software of American origin, like the rest of the world.

[ElemenoPicuares]

This is one of those "pizza was invented in New York City" arguments. Popularized and refined != invent.

The Brit Tim Berners-Lee designed the architecture, wrote the first browser and web server, and wrote the first HTML spec at CERN around 1989. Mosaic was released in like 1993 after Berners-Lee released his specs and source.

To claim the internet was invented in Europe is equally absurd.

[chrisseaton]

> which is really what the Internet has always been about

Internet created 1983. WWW created 1989.

[ad404b8a372f2b9]

Well the Web if you prefer.

[chrisseaton]

They're two different things. The Internet was invented in the US. I'm European as well, but not sure why you'd need to overreach to claim we invented the Internet.

[kazen44]

packet based networking was invented in the US...

The internet was created by meshing many different networks together (mostly ARPANET and SFNET).

Networks which now form the backbone of the internet also existed in europe at the time, mainly in britain and france.

[ad404b8a372f2b9]

Yes we are all aware they are different things, I made a semantic leap because the terms are used interchangeably in common parlance. I should have known a technical forum would take me up on that.

[mgraczyk]

Right, and the goal of this sort of ruling is to make sure that those EU-based engineers have work and get paid. It has nothing to do with consumer protection or privacy. If it did, EU companies that have servers in the US would be banned from processing EU user data for the exact reason spelled out in this ruling.

[jtwaleson]

I'm European and I'll happily admit there is no EU alternative to AWS, GCP, Azure. The breadth of services _on_, and the amount of engineers able to work _with_ these platforms is incredible and can't be beat by the likes of Hetzner and OVH. We are so behind that we won't catch up. The arrogance is warranted in this case.

I like privacy, but the business person in me is very frustrated by these GDPR rulings as they make the life of European startups even harder than it already is.

[emptysongglass]

I mean I'm really enjoying Scaleway for all of the things I'd use AWS for: EKS, managed DBs, and cloud M1 Macs are all accounted for.

[jtwaleson]

But you realize that all tightly integrated high-level services like IAM, Kinesis, Lambda, DynamoDB, CloudWatch (just to name a few from AWS), make the cloud a joy to work with? AWS had VMs and Managed DBs in 2009(!).

[emptysongglass]

My personal experience with IAM is that it makes AWS awful to work with. I honestly wish it was replaced with an service far simpler in design. CloudWatch is similarly obtuse.

I think you have a point with Lambda though I don't use serverless much. How does Knative compare?

[jtwaleson]

I personally have no experience with Knative. In my view, you open up a different can of worms by dragging in k8s. Either do everything natively on your cloud provider or go all-in with k8s.

[lispm]

Lidl: https://www.stackit.de/en/

[jtwaleson]

Are you joking? The products page is laughable compared to the big cloud providers. Hell, it has "We create custom-fit solutions" on the landing page. If anything screams non-cloud it's that.

[kazinator]

> Digital consumer networks were established here long before the U.S

Really? In some places in Europe, people were starting to get excited about dial-up BBSes in the mid nineties, a decade after they were on their way out in North America.

In 1994 I was doing contract work in Vancouver on a website with paying subscribers.

[kazen44]

> Really? In some places in Europe, people were starting to get excited about dial-up BBSes in the mid nineties.

What is your point exactly? Half of europe was still transitioning to a market economy or in a (civil) war/conflict in the 90's.

I am also sure, that a lot of places in the US didn't have internet access in the 90's.

[kazinator]

> Half of europe was still transitioning to a market economy

Sure, but not, oh, Sweden.

[testaccountfor]

This is rich coming from America.

America engages at global level surveillance. American corporations can be coerced with a single national security level to spy on their customers. Ergo they are untrustworthy and should not be used.

[superchroma]

Honestly, nationally-owned spin-offs aren't an issue. If that's all that doing business with China entailed, I think people wouldn't be so mad, but unfortunately there are other practical and moral compromises needed. The EU may be challenging in certain ways, but at least they play by their rulebook and champion public interest a lot of the time.

[akmarinov]

Those US companies are free to not be on the EU market, just saying

[xyzzyz]

This sword cuts both ways. US can also stop sales of Airbuses, Volkswagens, IKEA furniture etc. under some fishy premise. If EU does that to US companies, why shouldn’t US do it to EU ones? This kind of tit for tat trade war would be a loss to everyone compared to cooperation, but is still preferred to cooperating with a defector.

[solar-ice]

How on earth is "the US is able to demand personal data of EU citizens without due process" a fishy premise?

[cortesoft]

Isn’t this the case with all sovereign countries, though? You can never guarantee that a government won’t demand a company in that country to hand over data, that is what it means to be sovereign.

[solar-ice]

Generally speaking, we look at the legal system in the country and decide whether it is /legal/ for the state to do such a thing, and whether there are appropriate safeguards to prevent it from doing so. Yes, they could change the law - and at that point it would become illegal for companies in that country to do business in the EU.

Usually most countries are smart enough not to damage themselves economically by preventing their companies from selling to a large, reasonably rich union.

[cortesoft]

> Yes, they could change the law

They could also just not follow the law

[rubito]

There is no tit for tat, we european citizens don't want our personal data to be accessible to the US government and their respective secret agencies.

The US government will not back up from their policy and so we do neither but since we otherwise enjoy a great partnership and alliance, we take this issue pretty "dry and emotionless", trust me, there are no hard feelings or ill intentions.

[mirekrusin]

Comparable move could be for US to forbid using EU hosted services to ie. store medical records of US citizens etc., no?

[wins32767]

No, because Germany doesn't have that big of an IT space. Aerospace and automotive would be good sectors to hit back with because they are more relatively important to Germany as IT is for the US.

[xdennis]

So you're essentially admitting that this is about revenge because Germany cares about its citizen's privacy and due process.

[wins32767]

I'm saying that if Europe decides it wants to block off parts of its economy, the US would be perfectly justified in doing the same (to everyone's detriment).

I could imagine a US based law that banned the sale of any durable goods produced by a company headquartered in a country that still got more than 5% of its power from lignite coal due to a strong climate commitment. That's tailored basically only to impact Germany. Is that fair?

[bettysdiagnose]

OK but not wanting our personal records to be arbitrarily sized by the US government is very reasonable. Your government made a law that lets it spy on us... that's your problem.

[wins32767]

I don't think it's reasonable that I'm paying more than my share of taxes for the defense capabilities that allows Europe free access to a stable world market and roughly rules based international order that underpins the export economy of Germany in particular. If Europe would fix that, I'd feel a lot worse about the spying.

[ROTMetro]

Why should they? Europe signed free trade agreements and promised they would open their markets to the USA if the USA reciprocated. Excluding American companies from doing business seems a pretty big violation of this. I guess EU is free to cancel those free trade agreements, but they aren't free to just ignore them and just make it illegal for American companies to do business in Europe because of privacy rules that exclude American companies purely on the fact that they are American.

[testaccountfor]

American cloud companies spy on European citizens on behalf of American government. This is illegal under European law.

[xdennis]

> Europe signed free trade agreements and promised they would open their markets to the USA if the USA reciprocated.

I'm unaware of any free trade agreements with the US: https://en.wikipedia.org/wiki/European_Union_free_trade_agre...

The US only has free trade agreements with some American countries and South Korea/Australia outside: https://en.wikipedia.org/wiki/United_States_free-trade_agree...

But this is all irrelevant because free trade doesn't trump rights (privacy/due process/etc).

[htkibar]

Safe trusting an US based company with data _at the very least_ requires that US doesn't have a law that allows them to spy on us.

How does this not compute for Americans, I cannot even comprehend.

[curiousgal]

Sorry to be so blunt but every EU competitor sucks ass. So if the EU has it their way, it is us Europeans the ones getting fucked.

[akmarinov]

It’ll be bad for a while, but alternatives will pop up. There’s plenty of money to be made.

Europe is Apple’s third largest market, making $90 billion last year alone. You don’t think other companies will step up for even a tiny percent of that?

[curiousgal]

Why haven't they? OVH is probably in the best spot to do so but their offerings are trash compared to Amazon/Google/Microsoft's.

[akmarinov]

It’s way easier to set up a business and get funding in the US, with a lot less bureaucracy.

If those US companies were to go away however, the market will adjust to Europe/Asia grown companies.

[olliej]

No?

This is the obvious outcome of the US government’s repeated and explicit statement that non-US residents do not have any due process rights and thus no warrant requirements, followed by - when companies tried to compensate for this abuse by creating subsidiaries in the EU - stating that the US government also had access to all subsidiaries data, again with no due process protections.

What did the US government think would happen when they made it clear that no US company could provide due process protections for any EU data that they possessed?

This has nothing to do with the “IP theft”, but rather the inability of US companies to comply with universally applicable EU law.

[raverbashing]

True, this is the crux of it

If you let all subsidiaries of M/G/A within reach of US courts (including customer data) don't get surprised when other countries treat it as toxic

The US gov would never accept this in procurement, so why should other countries?

On the case in question, it seems the company changed the tender document to take out some (protection) clauses

[olliej]

Yeah, the late (post acceptance?) changes seem questionable on their own. Presumably they were reminded that the US gov argued and won with the Supreme Court, that they have unfettered access to all non-us-resident customer data of all US companies, and said companies subsidiaries, regardless of local laws. After all, as we know the US Declaration of Independence says "We hold these truths to be self-evident, that all residents of the united states are created equal, that they are endowed by their Creator with certain unalienable Rights".

[masswerk]

This is about US legislation and jurisdiction extending to foreign territory and thus conflicting with local legislation and corporations subsequently failing to comply with legislation regulating that market.

[colechristensen]

I wouldn't say so.

Restricting the sale or transfer of personal data to a foreign-held company that can and will obey foreign laws with regards to that data is, I think, perfectly fair.

The dances companies go through to appear local or non-local with shell companies is an abuse of the intent of many laws.

Microsoft/Google/Amazon/etc. probably can figure out how to operate in Europe to comply with the intent of the law, but it might require a rather large actual separation of interests rather than a shallow apparent one.

[mlqaa]

Many (if not the majority) of open source projects that are used to power the whole spectacle have originated in Europe and now have a majority of international contributors.

But the power centers (foundations etc.) are in the USA. International contributors are expected to bow to U.S. cultural dominance and follow the latest whims.

OSS has been stolen by the USA.

[superchroma]

Also noted elsewhere is that US tech companies are hand in hand with the US intelligence apparatus.

[joshuaissac]

> Except now, the EU is more or less forcing American companies to sell unaffiliated spin-offs to the EU to continue doing business there.

Isn't that what happened with TikTok?

Both China and the US have laws that force global subsidiaries of Chinese/American companies to hand over data held overseas.

[ThunderSizzle]

I would argue China-US relationships are not that of allies or friends. There isn't a war or cold war going on, but I wouldn't pretend that the relations between China and the US are peaceful and represent trustful tranquility.

I would argue the relationship between Europe and US are substantially better, although not without frustrations from both sides, some warranted and some not.

At the very least, several countries are in a formal defensive alliance with the US and each other (NATO).

[Macha]

NATO membership is also true for Turkey, which is not always considered friendly with the EU and US.

[ThunderSizzle]

Turkey is a very interesting case, and is rooted in the Cold War.

But I do agree Turkey is less friendly dly and is on my personal no-go zone for safety reasons.

[htkibar]

Turkey's status is (or should be) always about who is at the helm. It is an interestingly "supreme leader" type of a culture, and with Erdogan you can see how that plays out. Heart breaking, in my opinion, as they had a reasonable shot at becoming a properly European country (read: culture & rule of law wise especially).

For example, you would have had an amazing time 20 years ago with a level of security comparable to other European countries. Nowadays? Personal no-go zone is a wise decision, to say the least. If I didn't have my biological family there; I would have done the same in an instant.

[xdennis]

It's rich to accuse the EU of copying China when it's the US who copied China's "National Intelligence Law" as the "CLOUD Act"; laws which compel Chinese and Americans to act as spies outside their countries when it comes to data.

[pfortuny]

This is germany still, not the whole of the EU.

But it does show how an all-reaching law like gdpr can have stramge consequences…

[f-jin]

isn't the crux of the matter the all-reaching laws of the US that allows their intelligence agencies to order EU-subsidiaries of US companies to offer up their data..?

[xyzzyz]

I would be frankly shocked if EU countries did not have the same laws on the book. If German court serves Volkswagen AG a warrant for data kept by Volkswagen America, can Volkswagen AG just not comply?

[srrr]

A German court can not, in fact, serve a court order to Volkswagen America. (Technically it can, but the order is not enforceable.) A German court is also forbidden to force Volkswagen AG to reach into Volkswagen America because these are separate legal entities.

A German court would use judicial assistance and ask US law enforcement to help. US law enforcement would then adhere to local laws and protect the rights of US citizens while trying to help.

This is named Mutual legal assistance: https://en.wikipedia.org/wiki/Mutual_legal_assistance_treaty .

[solar-ice]

Pretty sure EU countries cannot in fact (in general) demand personal data of anyone from EU companies without due process. If you can find law to the contrary, let me know.

[xyzzyz]

The warrant is due process.

[solar-ice]

The procedure and requirements for obtaining a warrant under the CLOUD Act is not sufficient due process according to EU law - which is law which matters when operating a commercial business in the EU.

[xdennis]

The US specifically passed the law to bypass due process.

If you think a warrant should apply from an outside jurisdiction imagine Mississippi issuing a warrant to arrest a Californian abortion doctor.

[angio]

They can fight in an american court. The issue is the cloud act which was passed explicitly to fight eu companies fighting in eu courts us govt data requests.

[josefx]

The crux is that in most cases the EU subsidiaries are not even set up to prevent that. They just roll over. Someone else tracked down the AWS GDPR compliance document the court case cites a few times, any governmental agency can request data transfers out of the EU. The document isn't even specific on which government and as far as I understand the North Korean government could request all EU users data and AWS would provide a download link without even thinking twice.

[denton-scratch]

Doesn't seem strange to me; I'm surprised it got to court.