by aborsy 455 days ago
The only reason you may use these EU versions of services is that you are in Europe.

Otherwise EU is worse in terms of privacy. UK (while not officially in Europe) goes even beyond, requiring a backdoor to iCloud and non-EU providers.

6 comments

> Otherwise EU is worse in terms of privacy

Please elaborate how the EU is worse (UK doesn't count). Worse than what other country and how?

I already provided an example with UK, which is terrible. UK is racing ahead of other countries requiring backdoors.

France has had similar proposals floating in their parliament. The latest iteration has been rejected.

https://www.techradar.com/computing/cyber-security/france-re...

But the fact that such a proposal is drafted and periodically brought up to this level isn’t good, and it might be approved in the future.

Example of data collection by the German government

https://privacysniffs.com/data-retention-law/germany/

Australia's Encryption-Busting Law

https://www.wired.com/story/australia-encryption-law-global-...

What makes you think that EU governments don’t collect data from companies such as Hetzner or OVH, the same way that US collects from Microsoft or Google?

Many on here don't seem to understand this has nothing to do with privacy. It's about sovereignty - if DJT can turn off your digital infrastructure on a whim, you are in a very precarious position. That's why both Canada and Europe are in panic mode and looking for alternatives.

> UK (while not officially in Europe)

You mean the EU. The UK is definitely in Europe.

Yeah, I can hear the laughter all the way to Pine Gap.

Thank you for pointing that out! I would add that intelligence agencies and law enforcement are almost completely exempt from all those fancy GDPR requirements.

Furthermore, in the EU, there is no such strong equivalent to the 4th Amendment. Law enforcement and intelligence agencies can access your cloud data without needing a warrant—unless the data is stored in the US, in which case a US judge would have to approve it. This is one of the reasons they are so eager to keep it "home".

The craziest thing is what happened with Encrochat and SkyECC. These two services made the critical mistake of trusting OVH to host their servers, and then OVH literally placed law enforcement and intelligence agency backdoors on them. Eventually, they even used these backdoors to send malware to users' devices, not caring whether they were located in the EU or not.

While all this was happening, the founder of OVH appeared on a popular YouTube tech channel and proudly explained that, unlike Amazon and Google, they weren’t sniffing their customers’ data. What a liar!

> Furthermore, in the EU there is not something such as the 4th amendment, Law Enforcement and Intelligence agencies can grab your cloud data without requiring a warrant. Unless the data is stored in the US, which is one of the reasons they are so eager to keep it "home

You're commenting under an article that explicitly says how US intelligence agencies and police get around the need for warrants. Many rights in the US are more theoretical than practical if someone in power decides so.

Also, there are strong expectations of privacy in the EU, as well as due process, warrants, etc. There are of course abuses, and especially "terrorism" can enable some shortcuts (to be fair, often for very good reason: multiple EU countries have had tens to hundreds of dead from terrorist attacks that could and should have been prevented), but I don't have the impression it's in any way even close to as bad as the US. Do you have any information/sources to the contrary?

Look at the technique they used with Silk Road:

"Because the SR Server was located outside the United States, the Fourth Amendment would not have required a warrant to search the server, whether for its IP address or otherwise."

- Assistant US Attorney Serrin Turner

To me this statement only makes sense if it explains why an American law enforcement agency can hack a foreign server without an American warrant. And it just demonstrates the limits of American privacy protection.

If you think this was about the European legal system, you are mistaken. If Americans were hacking European servers without due process involving European authorities, this was probably highly illegal here.

There is a pattern:

Silk Road, SkyECC, EncroChat, TorMail+Freedom Hosting.

What do they all have in common?

Their servers were found or their encryption was broken under mysterious circumstances involving classified "techniques". In 3 out of 4 cases malware was sent from the services to their users once taken over.

All were hosted in the EU; even stranger, all of them had servers hosted by OVH. Although SR was not directly hosted by OVH, Ross Ulbricht had a VNC server (virtual desktop) there which he apparently used to administrate the SR main server, and on another OVH server he had a dead man's switch and his will.

In a sense this is the counterpart to the survival bias. But in this case we only know where the taken down services were hosted, we don't know where the survivors are being hosted.

All this has serious Crypto AG vibes. Back then it was: trust us, we are from Switzerland, we are neutral....

It doesn’t make sense to build a conspiracy theory on randomly selected facts, when there’s an obvious explanation that in all those cases the law was broken and law enforcement acted as they were supposed to act. Other ISPs and hosting providers are cooperating with lawful requests too.

Your comment needs some serious fact checking. For example, the Encrochat backdoor was authorized by a judge, so there was a due process. And it was not an ordinary customer.

The fact that this was "due process" and "legal" makes the matter even worse IMO.

How? They busted a huge criminal network and linked the app itself to a criminal gang. This is how law enforcement should work. Every human right, including privacy, has limits, and the purpose of the law and the due process is to establish where those limits should be. It would be strange to expect that the privacy of a human trafficker or drug dealer is protected more than the rights of the people they harm.

They intercepted and read the messages of most users, yet the number of arrests is significantly lower than the total number of SkyECC and EncroChat users.

Not only that, but they also have charged and are attempting to jail the creators of these phones/end-to-end messaging apps.

With what is happening, it is becoming pretty much impossible to provide backdoor-free communication tools within the EU.

"Privacy" went down the drain a long time ago. It's good to be aware of the worst offending policies of specific countries and providers. UK and Germany take the inglorious lead. Is it worth considering the alternative is consolidated abuse by an oligopoly of US providers? Your choice.