> You are maybe concerned with the technical issues / problems to the service provider.
Not just that (though I certainly don't consider it reasonable to expect a service to have thousands of servers in thousands of jurisdictions and deal with thousands of legal systems; frankly, I want services to expose themselves to as few jurisdictions as possible).
I'm concerned about the usefulness of the service to its users. As a user of a service, I will not accept partitioned and walled-off services where I cannot interact with people elsewhere in the world. That's my choice, and the choice of people and projects I collaborate with, and I choose to use services that allow me to collaborate with those people and projects.
> And of course all the way to ideas such as XMPP, Diaspora, and so on.
I did specifically say that:
If we're going to go to the trouble of building interoperable, federated services, it should be to put them in the control of individual users, not in the control of governments.
If you have the capability of interoperability and federation, then where you host your data should have nothing to do with jurisdiction, and everything to do with who wants to store and control the data.
Well, I don't propose or expect companies to volunteer doing this.
My point is that EU (for one) should mandate them, and if service providers like FB, etc, don't like them, they could skip the 500m market -- and just be careful not to let the door hit them on their way out...
>Not just that (though I certainly don't consider it reasonable to expect a service to have thousands of servers in thousands of jurisdictions and deal with thousands of legal systems; frankly, I want services to expose themselves to as few jurisdictions as possible).
As long as it's your jurisdiction? (assuming you're in the US, since it says on your HN profile that you work for Intel).
Or that's a happy accident (for you) that is not really relevant to your point, but others should be fine with?
I'd prefer the services I use to be under the control of my country's laws and my democratic vote -- not under what some third country dictates and controls.
Besides, hyperbole much?
There aren't "thousands of jurisdictions and legal systems". At worst, they are like 150 or so, as many countries. And some could get together and accept a single country as the host and set their common rules (like the EU could do for EU member states).
Major services already have tons of global CDNs servers, even on small countries.
And if there was a mandate, there could easily be an infrastructure and common services to deploy to span the globe (e.g. turn-key Amazon provision for sharding your data into multiple data centers per jurisdiction).
It doesn't even need to be all players, could be mandated on some size and above -- and surely Google, Facebook, Apple, etc scale.
No, not at all. I expect it to be the jurisdiction of whoever runs the service. That jurisdiction will necessarily have control over the authors of the service; there's no getting around that. (The authors can try to build the service with themselves as a threat model, which few services do, and even then that may not work.) Unless you want to mandate that people can't use services from outside their country (and enforce that with a country-wide firewall blocking access to the real Internet), then you're never going to get around that.
Also, you seem to be treating "store and use data locally" as a thing that protects the citizens of a country, rather than a thing that threatens the citizens of a country. Many countries want data stored locally so that they can seize it, and want services hosted locally so that they can block those services or make them consistent with the country's propaganda.
Also, you're assuming that data is nicely partitioned by user. For many useful services, it isn't. Just for the simplest case, consider collaboratively-edited works by multiple users.
> There aren't "thousands of jurisdictions and legal systems".
Tell that to states and equivalent sub-jurisdictions within countries. Tell that to many large cities and their local regulations. Thousands is if anything an underestimate.
> there could easily be an infrastructure and common services to deploy to span the globe
That sounds like a great way to introduce security holes and a vastly expanded threat model.
Also, to comment on something you edited into a previous comment:
> (Exceptions could be made for non-democratic countries -- no reason to give control of a service's local data to a dictatorship).
Who gets to decide that? Obviously not the countries themselves. That just leaves the people building the service and the people deciding which services to use; those are the same parties who already get to decide that today.
Feel free to build such services, if you wish.
> You are maybe concerned with the technical issues / problems to the service provider.
Not just that (though I certainly don't consider it reasonable to expect a service to have thousands of servers in thousands of jurisdictions and deal with thousands of legal systems; frankly, I want services to expose themselves to as few jurisdictions as possible).
I'm concerned about the usefulness of the service to its users. As a user of a service, I will not accept partitioned and walled-off services where I cannot interact with people elsewhere in the world. That's my choice, and the choice of people and projects I collaborate with, and I choose to use services that allow me to collaborate with those people and projects.
> And of course all the way to ideas such as XMPP, Diaspora, and so on.
I did specifically say that:
If we're going to go to the trouble of building interoperable, federated services, it should be to put them in the control of individual users, not in the control of governments.
If you have the capability of interoperability and federation, then where you host your data should have nothing to do with jurisdiction, and everything to do with who wants to store and control the data.