After SOPA, it became clear that the U.S. info sector could no longer neglect its lobbying efforts in Washington. The MPAA and RIAA represent comparatively tiny (in terms of revenue) interests but were only thwarted by the unpredictable (and unreliable) intervention of the public.
Now this.
The info sector has become big industry and is going to play a correspondingly big role in U.S. politics going forward. They're going to make more campaign contributions, be more involved in the campaigns themselves, and spend more money on lobbyists than ever before. Capitol hill is about to get a whif of silver-dollar grapeshot from a new angle, and those voting to maintain NSA funding are in an exposed position!
Just pointing this out, Telecom is part of the info sector and they've been lobbying forever.
I would say that google, Facebook, Microsoft and apple (prop 8) all lobby in some form. I mean Marissa Mayer had Obama over for dinner during the height of the campaign (she was hosting a fundraiser with her husband).
My point is this: we don't need more lobbyists so much as we need leadership. Zuck tried and has likely failed. In recent years I've started to think Ron Conway might be an interesting candidate to consider; he certainly holds enough sway in the valley.
Be careful what you wish for, Google is now one of the biggest spenders in Washington [1], $18.2 million on lobbying in 2012. Needless to say, big business in the tech sector will have plenty of say in the future (if that was ever a worry), but, as always, civil liberties will continually need to be fought for.
The depressing thing here is that it is going to a wrong direction. Instead of working to reduce the intervention of the politicians in the private affairs, what would inevitably happen is more money spent on lobbying, more laws bought by these money and more politicians and and government functionaries having their services to offer for sale. Instead of government getting smaller, the government will get bigger - and this would be paid by exactly the businesses who suffered from the expansion of the government. They just will pay so the other guys would suffer instead of them, now that they have enough money to play the game.
We need a well-organized lobbying effort to support the interests of United States internet companies. Those survey numbers are actually astounding.
The most surprising thing about lobbying and donation efforts is that they aren't really all that expensive. All it takes is a few hundred thousand to a million to swing a tight election. The amounts aren't that large. Maybe a crowdfunding campaign for a Free Internet PAC?
From my perspective outside the States, there is already government support, which is the full-court press US ambassadorial staff have been running in Australia and New Zealand to categorise privacy and data sovereignty laws as unfair and illegitimate anti-competition laws whose sole purpose is to prevent companies like Amazon gutting the local IT markets.
I imagine they are running the same line in Europe.
I wonder what Amazon's relationship with the US government is like?
Sure, there are some interests that run in the opposite direction.
But domestically, the amount of power Silicon Valley and tech centers across the country hold in Washington is not commensurate with their economic and cultural clout. Certainly it is time for that to change.
They're just starting to get serious, but the Internet Association is playing way too much softball, and more importantly they're pushing more for the specific corporate goals of their financiers than the interests of the internet at large.
You're forgetting that the same industry is already getting the US government to lean on non-US governments to relax their privacy laws so that the US info sector can perpetrate it's own massive privacy violations thing for fun and profit.
As far as non-US citizens and their privacy is concerned, the US tech industry and the NSA are just two sides of the same coin.
Unlikely. And I believe that the issue is that some politicians still have an old school boy mentality where nerds/geeks are somehow lesser than them.
Rep. Jason Chaffetz (R-Utah) famously said "Bring in the Nerds" during SOPA hearings. He then continued to call people in technology nerds multiple times. Youtube link: http://www.youtube.com/watch?v=xrrj9Wc2L84
Rep. Mel Watts (D-NC) made it a point in his opening statement during the SOPA hearings to mention that he "is not a nerd" and therefore doesn't understand the technological parts of the bill. Youtube link: http://www.youtube.com/watch?v=i6x1sYYqKLY
Until congress starts to realize that nerds are not basement dwellers, and instead are pop culture (Facebook, The Internship) they will continue to roll their eyes at any sort of lobbying.
Until congress starts to realize that nerds are not basement dwellers, and instead are pop culture (Facebook, The Internship) they will continue to roll their eyes at any sort of lobbying.
Good. That creates an opportunity for more enlightened people to challenge the incumbents, backed by the ample funding that the nerds are going to be throwing around increasingly in order to protect their industry from the incompetents.
A saying that begins "First they ignore you" comes to mind.
That seems like wishful thinking. Nerds don't run for office. They're not interested and mostly busy doing other stuff. Spending Valley lobby dollars might buy our industry a timeshare in a politician, but "our" rep won't have any more respect for nerds than anybody else in Washington.
I too have switched my personal things and most of our company away from the US. I have helped my friends move to non-US chat services and/or use OTR. I will spend my money on secure (from snooping and the operator) encrypted services outside the US instead.
Seeing that we have no rights in the US whatsoever, it is ridiculous to store anything in the United States that could be used in any way at any point in the future.
If the US wants to keep its leading role in the Cloud-business, it will need to curb these programs and protect the companies from forced participation in mass surveillance measures (including on foreigners). Keep in mind that even a single policy-maker that decides not to trust US-based services can cost the US economy millions of dollars.
Honest question, what makes you think that you will have more rights/privacy by hosting somewhere else? It's been my impression that there has been (comparatively) little backlash within the US regarding foreign data acquisition. Maybe all this attention on the NSA's activities will be the trigger for other countries to create or ramp-up their own data snooping efforts.
- the snooping is explicitly targeting foreigners. In USA I'm a foreigner, by hosting in my own country I have at least the protection of being a citizen.
- if I don't like the snooping my own government does, I can call my representatives, vote for "less snooping" political candidates, start lobbying etc. In a foreign country like USA I have no rights or leverage whatsoever.
NSA and CIA has been used for Industrial espionage purposes in the past, so I wouldn't be surprised if this whole PRISM program was in part for enriching the wealthy and connected even more (and their enterprises).
We already moved our servers & data back to Germany right now evaluating few replacements for Google Apps.
I'm not the OP, but I'll add my two bits here anyway…
I'm moving things off US hosted services - but at the same time I'm also ramping up my privacy protections as well.
For example, I'm changing from using Dropbox to using EncFS encrypted data stored on JottaCloud. I'm not _relying_ on Norwegian based storage to be any less at risk from the Norwegian state security service than Dropbox(/Amazon) data stored in the US - but while it's possible that the NSA might have crypto attacks or hardware/software backdoors that work against my OS and/or EncFS/GPG - there's a _much_ lower chance that the Norwegians have that (or that the US shares those attacks with Norway).
(I'm also using BTSync to get "cloud-like" multi-device file sync without needing to rely an _any_ cloud provider. The closed source nature of BTSync doesn't fill me with joy though - I'm experimenting with Tahoe/LAFS, but I'm not prepared to put in the amount of work required to give me access to data stored that way on my phone/iPad…)
For whatever I self-host, I use open source software I trust (and sometimes contribute to). For other services, I either encrypt as much as possible (i.e. encrypted storage, OTR for chat, PGP for email) and accept that anything non-encrypted is virtually public.
I could also host these encrypted things in the US, but here in Europe I have lawful rights, and my government does not torture, nor does it kill citizens who it sees as evil without any due process. I guess it's as much of a boycott as it is preventing a country that does not have my interests at heart from having access to my data and/or metadata.
Note that about a year ago the Dutch government has announced the AIVD (~Dutch NSA/CIA) budget is being cut 40% over the next few years, and defense spending has gone down too.
I'm sorry, but you are displaying a remarkable level of naiveté about how the world works.
I'm not excusing the NSA, but the reason why the USA is exceptional is precisely BECAUSE things like this are an aberration and not accepted as a matter of course. We discuss them as a society and change our government when it gets out of line.
Lets not forget that it was a democratically elected government in Europe that started WWII. And killed millions for nothing more than being born who they were. Systematically, and with the full acquiescence of the favored population.
I'm not excusing WWII, the reason Europe is exceptional is precisely BECAUSE things like that are an aberration and not accepted as a matter of course. They discuss them as a society and change their government when it gets out of line.
Let's not forget that it was a democratically elected government in the USA that started...
> Lets not forget that it was a democratically elected government in Europe that started WWII. And killed millions for nothing more than being born who they were. Systematically, and with the full acquiescence of the favored population.
I'm sorry, but you are displaying a remarkable level of naiveté and outright stupidity about how history happened.
Hitler was not democratically elected. Hitler had only been a legal German citizen, permitted to run for office, for less than one month. Hitler ran for President with the intention of using the office to destroy the constitution and establish a dictatorship (under which it is extremely dubious to justifiably assess 'full acquiescence' of the population). He assumed the presidency after losing the election because Hindenburg died two years after defeating Hitler, and Hindenburg ran for re-election expressly to prevent Hitler from becoming president. After Hindenburg reluctantly appointed Hitler as Chancellor, the 1933 elections were an inarguably undemocratic election, in which new "elections" were held after Hitler urged dissolution of the Reichstag. The Nazis relied on widespread violence and intimidation, culminating in the Reichstag fire and subsequent laws that eviscerated civil liberties and imprisoned political opponents. The Nazis even "monitored" the elections to ensure they achieved a majority.
Slavery, Jim Crow, McCarthyism, sexism, paternalism, COINTELPRO, etc.--all these have strong places in American history of being the norm, not the aberration, and being accepted as a matter of course.
And who were these Nazis? Were they Germans who acted on behalf of their party and political ideology?
You can argue all you like about how much worse the USA is than Europe but my mother lived in Germany during that time. Complain all you like, but the USA is still far ahead of where Europe is when it comes to civil rights. Ask any survivor of the camps.
The mere fact that the head of the intelligence agencies is going to have to testify under oath in front of the Congress is a sign that the legitimacy of our government is something that is valued and protected.
Appeal to emotion, much? You directly mischaracterized the democratically elected status of the German state that began WWII. It has everything to do with the undemocratic nature of the German state after 1932 that led Europe to WWII.
I never argued in the slightest that the US was in any way, shape, or form worse than Europe. I simply corrected your incorrect understanding of history. If you're going to take a point from history to make a point about contemporary society and events, then at least get the history correct. It's not like you have to read between the redacted lines of history to do so.
Just by the way bureaucracy works you can make it a lot more inconvenient for them by using services of a bunch of different countries just to put your profile together.
By rotating free email providers such as mail.ru, free.fr, and so on you can pretty much create a bureaucrat's nightmare - assuming of cause the unlikely cause that this is the weakest link in the chain.
Off-topic, but a fun way to take this to the next level: if you have your own domain, you can set mx records with the same priority at different services to randomly scatter your incoming mail. You can then pull them in with pop3 with your mail client or getmail with something like Dovecot to provide a self-hosted IMAP interface.
You get the added benefit of having automatic fallbacks if one of your mail services is down.
I can't speak for all DNS servers but BIND will return them in a different order each time it answers an query.
For example, the first query returns "mx1, mx2, mx3"; next query returns "mx2, mx3, ms1"; next query returns "mx3, mx1, mx2". Many resolvers seem to simply use the first one so it's roughly equivalent to round robin load balancing.
As far as I know that's the expected behaviour. I also saw it in practice, although I did not study the exact distribution in much detail.
The reason for this behaviour would be that you would normally use this for load balancing.
You can normally get the same behaviour by setting one MX record to a local A record (mail.example.com), and then serving several IPs for that A record in a round-robin/random fashion.
That you don't know if another country is monitoring as deeply as the U.S. isn't a good reason for considering the U.S., who we know is monitoring as deeply as the U.S.:)
I don't think that you need to bring countries into this.
Ubiquitous surveillance goes hand in hand with corruption and authoritarianism. Cloud services make surveillance easier - get off the cloud and run your own services.
"The level of skepticism was greater than I expected," said Jim Reavis, co-founder and executive director of the CSA. "I had thought that more people would understand that these activities happen all the time in their countries as well."
That quote is just astounding. The "Cloud Security Association?" Really? It reflects a strange kind of toadyism that some "security professionals" have about cooperating with intelligence and law enforcement.
"Hard working, innovative technology companies are losing out to foreign companies due to this unaccountable, big government program. It's time to reign in this anticompetitive NSA behavior and let American business compete on a level playing field."
*formatted for a talking head to use on FOX News/MSNBC/CNN
"Those companies are full of hipster kids with fancy Ivy League degrees, spoiled with perks and massive salaries, making useless products that are scary because your kids understand them and you don't. They're coldly taking steady jobs in manufacturing, retail, and service just so Google can install another ball bit.
The NSA has put them in their place and now they're whining. And don't forget, these programs keep you safe."
People will believe whatever spin fits better with their pre-existing point of view.
Can't the NSA spy on foreign operations without any legal oversight, as opposed to spying on domestic operations with "oversight" from a secret court? Both are bad.
> Can't the NSA spy on foreign operations without any legal oversight
Yeah. It would be kind of bizarre to have a military signals intelligence service where spying on foreign electronic communications was some kind of exceptional activity.
The whole point of the NSA is spying on foreign operations. The legal restrictions involving a "secret court" (the two courts themselves aren't secret, though their proceedings tend to be) for oversight are to prevent the abuse of the "foreign intelligence" excuse as a backdoor for blanket domestic surveillance.
Or at least, that was the original purpose of FISA after exactly that kind of abuse. With various "War on Terror" era changes, its arguable that the purpose of the oversight has been reversed so that it now serves as a form of legal cover for the abuse of the "foreign intelligence" excuse as a backdoor for blanket domestic surveillance.
Yeah. It would be kind of bizarre to have a military signals intelligence service where spying on foreign electronic communications was some kind of exceptional activity.
And then international travel became a routine occurrence, and countries made "alliances", and international commerce became one of the most powerful forces driving the global economy, and the Internet arrived, and the kind of black and white world you're imagining went away. No country exists in such a vacuum in the twenty-first century, and a country that respects the basic rights of its own people but completely ignores the rights of others will pay a price for that hostility sooner or later. At least today that price is mostly measured in dollars and not blood as it might have been a few decades ago.
It's sad that a lot of the abuses we've seen and heard about in recent years have to be curtailed through financial pressure and not politicians doing the right thing, but that doesn't make people voting with their wallets any less effective.
Travel doesn't really change things. The issue is sovereignty; relations between nations remain stuck in a place very close to the Hobbesian state of nature. Insofar as this is a problem to solve, the solution is popularly accountable governments with broader geographic scope than existing nation-states.
Note, however, that, there's not much movement in this direction (EU expansion is pretty much it) anywhere in the world, and some movement in the other direction.
Travel doesn't really change things. The issue is sovereignty
I don't know how meaningful "sovereignty" is any more, though. We live in very literally a global community today. People visit each other's countries for work and pleasure, some for a short time, some making a relatively permanent move. Even without physical presence, in the age of the Internet and easy international shipping, everyone's economy depends deeply on those outside their own country.
The kind of "us and them" mentality we've seen in recent debates about privacy and security is an anachronism, a work of fiction based on romantic notions from a different time and place. The key difference between political vs. financial influences reigning in that mentality is that the established ruling class in each "us" group can still exert considerable control over the political landscape, but the financial landscape is shaped by reality and has therefore adapted faster to modern life. You can spin your surveys showing that 99.97% of $YOUR_COUNTRY's citizens have no problem with $ABUSE, but if the reality is that the abuse is unpleasant and people don't like it, the money is still going to show it. Ask anyone in the air travel industry who has the option of using various controversial security measures or not.
> The kind of "us and them" mentality we've seen in recent debates about privacy and security is an anachronism, a work of fiction based on romantic notions from a different time and place.
All notions of groups of people are equally works of fiction, whether its everybody-is-"us" or "us and them". As long as you don't have a single government of global scope, you are going to have the consequences of separate governments (and, no, "no governments" doesn't get you out of that problem, its just the limit case of lots of governments, where every government consists of one person.)
> The key difference between political vs. financial influences reigning in that mentality is that the established ruling class in each "us" group can still exert considerable control over the political landscape, but the financial landscape is shaped by reality and has therefore adapted faster to modern life.
That's an amusing story, but it is by no means true. Particularly, it relies on the absolutely ludicrous idea that "the financial landscape" and "the political landscape" are separate things. Particularly, it pretends that the "established ruing class" that has influence over the "political landscape" isn't the same set of wealthy people whose preferences are reflected in the "financial landscape", and that the "political landscape" isn't a product of how the "financial landscape" has "adapted to modern life".
> You can spin your surveys showing that 99.97% of $YOUR_COUNTRY's citizens have no problem with $ABUSE, but if the reality is that the abuse is unpleasant and people don't like it, the money is still going to show it. Ask anyone in the air travel industry who has the option of using various controversial security measures or not.
Do you realize how the nationalization of air travel security in the US (which relieved airlines of responsibility/liability), the adoption of many specific controversial security measures (that involved purchasing goods and services from security firms), and the programs which allow the "right kind" of people to pay and bypass certain security procedures illustrate the falsity of your political vs. financial dichotomy?
Particularly, it relies on the absolutely ludicrous idea that "the financial landscape" and "the political landscape" are separate things.
They can easily be so in the short term. In the longer term, they tend to get pushed back into sync.
Particularly, it pretends that the "established ruing class" that has influence over the "political landscape" isn't the same set of wealthy people whose preferences are reflected in the "financial landscape"
They aren't, because money locked up in someone's savings and investments isn't driving the economy in the same way that money someone spends in the store or going on holiday is. Unless those few rich people are suddenly going to start flying thousands of times a day, the airlines are going to care more about the numerous you-and-me people choosing whether to spend their money on a flight than they are about one guy who always flies first class but is still only buying one ticket, particularly when, as you point out yourself, they can often conveniently eat their cake and have it if they allow the rich guy to bypass unpleasantness that is imposed on the rest of us anyway.
Do you realize how the nationalization of air travel security in the US ... illustrate the falsity of your political vs. financial dichotomy?
It illustrates how in the short term the political powers always win, sure. But in the long term, significant numbers of people and businesses will favour travelling in more pleasant ways, or storing their data in ways that don't expose them to liability and/or industrial espionage, or otherwise avoiding unwelcome measures where it's possible to do so. The unpleasantness exposes its perpetrators to disruption by more agreeable alternatives, which is why those perpetrating it are always trying to force a lack of choice on consumers via legislation. But that in turn has a political price, and sooner or later it always breaks down too.
Since all of the companies fingered as cooperating actively with PRISM were American companies, the assumption is that while the NSA may spy on foreign companies those companies are not actively cooperating with the NSA and it is therefore (in theory, I suppose) harder for the NSA to get at their data.
Not only that, it will cause us the lead in innovation and technology services. It affects all apps that depend on those cloud services and they are getting yelled at by their customers for not providing better alternatives.
Incidentally, I just had a new customer call to ask about hosting services, because he needs a new mail account and, in his words, "can't trust Google after all the recent news." This guy is an attorney and very far from the tech echo-chamber.
I've got a pretty small business in a small town, so when I start hearing about stuff like this from customers, it's usually a pretty good indication that it's gone mainstream.
Using google just makes me feel dirty. When it's decision time at my company there are a number of us who will be lobbying against google, skype, dropbox et al.
What's surprising is the lack of alternative services (even outside the US) that clearly state any service they provide will in fact shut down before not being transparent. I have cancelled quite a few services over the last few months, but struggle to find real alternatives.
Also, I doubt even transparency in the aggregate would be enough to make me go back into US based offerings.
I notice they've now got a US based datacenter. With my overly-paranoid hat on, I wonder how much that places their entire business under risk of NSA pressure?
very good; change in policy will come if the big tech companies speak up and state that total snooping is bad for business.
If one is all for snooping then the sited argument is 'national security' - a very pressing concern.
If one is against snooping then the only argument one has are 'civil rights' - this is a matter of principles, meaning that is not of immediate concern; there is always something more urgent to override matters of principle.
If one states that snooping is bad for business then this again moves the argument against snooping into the realm of urgent issues.
As of yesterday I've been noticing various Google applications (Maps in particular, both web and iOS) nagging me to turn on centralised history recording, in order to have any kind of search history or bookmarking.
My answer is "hell no", always has been and even more so now; and I can deal with the disappearance of functionality, but the nagging is especially irritating and the timing doubly ironic.
Good for you. Thoroughly understandable, that money could help to build infrastructure in your own country. At the same time, the economic cost will undoubtedly help to end this undemocratic insanity, and will make these guys far more sensitive to their endless xenophobia.
If US tax revenues fall, then tax rates rise (with concomitant loopholes for the wealthy). Gov't wins either way. The general public takes the hit, as always.
The biggest danger to the USA tech industry isn't even the customer blowback, which might blow over soon enough. The biggest danger is an opportunity for local competition to lobby the local governments to legitimately regulate US competition out of the market. For instance if the German government demands that all operating systems have to be open source (to prevent backdors) and replaces Windows with something like LiMux (which will of course be serviced by local companies who lobbied) and all companies dealing with citizen data have to use it as well, Microsoft could lose a huge chunk of market almost over night.
This is why in my recent rant about how Microsoft could re-establish its relevance [1], one recommendation was that Microsoft differentiate itself as the only tech titan to champion a decentralized cloud. I fairly strongly feel that would be a competitive advantage.
(Of course if all self-managed security implemented on Microsoft operating systems can be subverted by the NSA, it's a moot point.)
I feel that Apple was in a unique position to do that. As we all know, they make their money from hardware and don't have much interest in taking control of users' data (beyond what is necessery for some nice vendor lock-in of course; not unlike the Microsoft of the distant past).
Better yet, they already had popular consumer hardware in place on which they could have built a decentralized cloud service: Time Capsule and AirPort Extreme. They could have just iterated on those devices.
But no, they chose instead to build that stupid, useless iCloud thing with the faux linen website. And while they were at it, made their networking hardware worse than before.
Maybe there were sound technical reasons for not going the decentralized route (like crappy bandwidth and latency, or increased complexity), but it still feels like a missed opportunity.
ha.. Talk about doing the right thing at the wrong time and wrong thing at the right time. Microsoft is pushing hard to move everything to the cloud. Office, Search, Storage - Skydrive, pretty much your entire desktop by the middle of this decade. Had they stayed put, they could have had a easy bright future.
Rule #1: Never follow your competitor in pitch dark.
But doesn't Microsoft also have good relationship with other governments? Wouldn't that make them play diplomatic? If Microsoft is found inserting backdoors into their core OS, every other government using their product would dump it for something else. From a business perspective why would someone willingly take that risk?
so this might happen in the SMB space. but any slightly global corp? just how will that US office be connected? will BMW cut off all of the US? Nestle? Sanofi-Aventis? Heineken? Toyota?
if it's on the internet, everyone is snooping it. your traffic crosses swedish borders? swedish intelligence has the right and means to copy everything. haven't seen new routing tables being adjusted to avoid sweden. facebook has their EU datacenter there.
it's kneejerk-ish IT admins who are pulling these things right now. who don't understand what having anything connected to the internet really means. any un-encrypted email plus their attachments? that pricelist you just sent your colleague? public. chatting with partners over g2m or skype? public.
but sure, the NSA is listening in on your little bikeshop which is using basecamp or mailchimp. core interests of the USA in peril.
At Tonido, we got a following mail from a customer a week back.
" We are sorry but recent developments and news in regard to the NSA PRISM program and the Patriot Act have made us decide no longer to use any cloud solution developed or hosted by a US company. You can remove our information from your database."
Even though, Our Tonido software is a self hosted one and totally orthogonal to Google Drive or dropbox in principle and in operation, we do get the shaft unfairly.
At this point I think it's not entirely unreasonable to assume that your company might be forced to incorporate hidden backdoors into your software should the NSA ever decide that your customer's data is of value to them.
Now this.
The info sector has become big industry and is going to play a correspondingly big role in U.S. politics going forward. They're going to make more campaign contributions, be more involved in the campaigns themselves, and spend more money on lobbyists than ever before. Capitol hill is about to get a whif of silver-dollar grapeshot from a new angle, and those voting to maintain NSA funding are in an exposed position!