Hacker News new | past | comments | ask | show | jobs | submit login

I don't know how to feel about this. One the one hand this is good for sites that needs to be more global. But I mainly build stuff for Europe and I don't want anything to do with USA when storing personal data. I hope they keep the seperation between Europe and US clear.



They're saying:

> Hetzner's own team of technicians in Germany provides customer support for the Hetzner Cloud servers in both Europe and Ashburn, VA. See below "How do I contact support?" We hope to soon expand the hours for the support team, and we will make an announcement when this happens.

https://docs.hetzner.com/cloud/general/locations/#who-provid...


One can hope, otherwise I can see European customers move off Hetzner. We have a number of customers who do not want US staff to be able to access their servers and VMs.


If you setup the server in the EU why would anyone in US have access to it?


Because some American courts like to think they have jurisdiction everywhere as long as there's a US entity involved


The Kim Dotcom case proves that some courts will ignore nation borders altogether.


This is such a far departure from where I was hoping the Internet would look like growing up. Makes me sad political borders are now viewed as a feature.


The internet can't just paper over the fact that there are fundamental differences on how people do things across the world.


The internet was supposed to be the last free land where nerds could be able to create without worrying which part of the floor is lava.


And it would have stayed that way if only nerds would have used it.

Now it's used by regular people, too. And our lives are much richer because regular people use it, too.

But that means that real life rules now apply.


People ruin everything. Eternal whenever is upon us.


That has nothing todo with the internet but with US law.

BTW it was always like that, want to study the human-body in the middle-ages? Go to arabia, in Europe you get burned alive.


It's a big feature for users who value freedom of speech.

It's laughable that a guy from the EU doesn't get it - their freedom of speech is shit.


This is nothing to do with freedom of speech; the issue is differing laws on data privacy between the EU and US (and repeated failure of Safe Harbour and other regulatory attempts to paper over the cracks).


> It's a big feature for users who value freedom of speech.

That would be Iceland then, NOT the US.


Rackspace, Indymedia, 2004. Ancient precedent by now.


I think the main thing for GDPR is that US based employees should not have access to manage EU datacenters remotely.


Why would an US employee leak personal data just because they’re in the US? It would be a clear violation of employment and probably criminal.


So one concern (and it's not just a theoretical concern; it has happened) is that a US court forces the US branch to use access it has to data held by the EU branch to exfiltrate data. Companies with the highest standards on this stuff will want either a pure-EU host or a host structured such that this can't happen.


Hmm, this is definitely worrying.


US court says hand over the data. German court says that's illegal to do. Complying is illegal and so is not complying.


Not Complying with US law is also illegal, now imagine who has more to say in that regard.

Hetzner should split up in two Company's.

BTW:

The CLOUD Act applies to all electronic communication service or remote computing service providers that operate in the U.S, whether those providers are established in the United States or another country.


Fully legal thanks to "cloud act":

https://en.m.wikipedia.org/wiki/CLOUD_Act


That surprises me (not that I'm particularly educated on this), any links to more info on why GDPR requires that?


The Schrems II judgement might be applicable. I know that in the EU-based company I work for we have strict requirement for all cloud providers to comply with Schrems II, and not send/store any personal data to outside EU.

https://www.gdprsummary.com/schrems-ii/


i was asking specifically about "US based employees should not have access to manage", which isn't necessarily the same thing as "not send/store any personal data outside the EU". You could have data stored inside the EU, but then saying no US-based employees can have access to it seems like another further requirement? Although it may be one under GDPR? But that's what I meant asking for more info about, sorry!




Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: