Feeds

NSA Prism: Why I'm boycotting US cloud tech - and you should too

'Not subject to American law' - the next desirable IT feature

3 Big data security analytics techniques

When a country goes off the rails, why should we trust its computing systems?

"You're not to be so blind with patriotism that you can't face reality. Wrong is wrong, no matter who says it." - Malcolm X

As the US has spent the past 30 years going completely off the rails we've spent that same time becoming absolutely addicted to the technology and services it produces. So deeply embedded are we that disentangling ourselves from American technology providers, cloud vendors and what-have-you is a process of years, even decades.

While undertaking this difficult, painful and expensive task may not be absolutely required for pragmatic business reasons, I argue that it is a moral and ethical obligation we collectively bear to defend that which we believe. We could simply remain apathetic and allow privacy to evaporate as our laws are synchronized with those of the US, but is that what we want to have occur?

No terrorist actions, war, trade sanctions, international politics or other traditional tools of revolution and statecraft will turn America around. Americans have so deeply forgotten the concept of "liberty" that they no longer speak of their freedoms as innate but rather as rights granted them by their government. They see themselves as helpless before an unstoppable and inscrutable juggernaut and their own belief in this makes it so.

America, her people having abdicated their duty of care, is a country entirely run by politicians and civil servants with no oversight except in pleasing donors, and no master but the almighty dollar. The only sound that those in charge are capable of hearing is that of a closing wallet.

Our addiction to US technology and services leaves us vulnerable to the whims of those who make the laws. For those of us from countries that still believe in the ideals our ancestors died for this is a problem. As business owners we have a duty of care to our customers and employees to treat their data and privacy with respect. We are still expected to defend their liberty as if it were our own.

We cannot do this if that data ever comes within legal reach of the USA. Foreigners have no right to privacy within the US; indeed, we've even lost the right to habeas corpus there.

We cannot lobby for change because the American lobby machine is so huge that it would take all of our nations combined to even make a dent; a political impossibility, if the European Union's influence is anything to go by. Instead, US industry has spent incomprehensible amounts of money lobbying our governments to seize our rights from us!

Abort, retry, fail?

"Never do anything against conscience even if the state demands it." - Albert Einstein

To effect change we are left with a boycott in everything but name. It means that non-US Western businesses need to start using "not subject to US law" as a marketing point. We need cloud providers and software vendors that don't have a US presence, no US data centers, no US employees - no legal attack surface in that nation of any kind. Perhaps most critical of all, we need a non-American credit-card company.

If enough of us start to pull our technology purchases out of the US they will indeed sit up and take notice; money leaving the country may well be one of the only things that will ever cause them to do so.

America still believes in its own manifest destiny; the problem is that it has lost its way and the very values it seeks to export to the rest of the world have become corrupt. I do not want the legal solution to the Western world's US privacy and liberty dichotomy to be the export of America's neo-Orwellian panopticon. (If you are Australian or Canadian you can download 1984 for a reminder here.)

We can no longer afford to allow apathy to direct our judgement. We must show our governments that we stand behind them; that we believe in privacy and personal liberty enough to invest only in privacy-bloc countries. Through our actions – which can be as simple as choosing which cloud vendor you use for e-mail – we need to give our nations a sense of international unity and the strength of will to stand up to American negotiators and say "hold, enough!"

The power to quite literally change the world rests not in the hands of the unknowable, inscrutable government suit that negotiates agreements in secrecy on your behalf. That power belongs to each and every one of us expressed through something as simple as where we choose to invest the money we spend. I believe it is our duty to choose wisely and to make those choices based on more than mere pragmatism.

If you know of any providers of internet services who have – deliberately or accidentally – created a business free of American legal encumbrances, please, leave a note in the comments. The ability to choose differently starts with knowledge and we might as well start building that list here. ®

SANS - Survey on application security programs

More from The Register

next story
This time it's 'Personal': new Office 365 sub covers just two devices
Redmond also brings Office into Google's back yard
Dropbox defends fantastically badly timed Condoleezza Rice appointment
'Nothing is going to change with Dr. Rice's appointment,' file sharer promises
Bored with trading oil and gold? Why not flog some CLOUD servers?
Chicago Mercantile Exchange plans cloud spot exchange
Just what could be inside Dropbox's new 'Home For Life'?
Biz apps, messaging, photos, email, more storage – sorry, did you think there would be cake?
IT bods: How long does it take YOU to train up on new tech?
I'll leave my arrays to do the hard work, if you don't mind
Amazon reveals its Google-killing 'R3' server instances
A mega-memory instance that never forgets
Cisco reps flog Whiptail's Invicta arrays against EMC and Pure
Storage reseller report reveals who's selling what
prev story

Whitepapers

Designing a defence for mobile apps
In this whitepaper learn the various considerations for defending mobile applications; from the mobile application architecture itself to the myriad testing technologies needed to properly assess mobile applications risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.