Hacker News new | past | comments | ask | show | jobs | submit login

I treat email in Gmail as publicly accessible, same for almost everything I do on the web casually.

My business data lives in Amsterdam (Azure EU West), critical services we use are based in Europe. At least in my case I couldn't care less if the big US companies handed out SSL keys.

If you think that operating in any particular jurisdiction provides you with protection then you are sadly deluded. Your protection lasts just up until the point where protecting you becomes inconvenient. Oddly enough, using the resources of smaller companies provides less protection because they are easier to influence, and basing services outside of the US means that you are completely fair game for the NSA as you lack even the nominal protection that the (waxing and waning, but currently too damn weak for my mind) domestic/foreign distinction offers in terms of US SIGINT.

The NSA itself has exactly zero power outside the USA.

European snooping agencies seem to be quite happy to cooperate with them, so that argument doesn't really count.

They have the active cooperation of many governments and they have a lot of 0 day.

Be careful that you do not equate "power" and "authority". As Canada mentions below, they have top talent, researchers, and likely many exploits. It seems foolish to believe that geographical location of entities on a globally connected network has a nontrivial bearing on whether the NSA can penetrate it.

Key sentence: "Your protection lasts just up until the point where protecting you becomes inconvenient."

Azure is , as far as I'm aware, still run by Microsoft (a US company).

IIRC it's run by Microsoft Ireland in the EU.

Even then, if the US would be to access EU-hosted data, with no real justification, the EU will not take that kindly. Especially private data.

Yes it will. There is a huge scandal brooding in Germany about the Goverment Agencies sharing wiretaps etc. with US goverment, and high-ranking politicians not only seem to. have been informed but are even justifying actions like this in general. (Knowing that the EU is only as strong as its members, these revelations are really disconcerting to me even before I can see the extent of surveillance data shared)

Applications are open for YC Winter 2020

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact