Privacy

33512 readers

228 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago

MODERATORS

[email protected]

140

US Cloud soon illegal? Trump punches first hole in EU-US Data Deal. (noyb.eu)

submitted 2 weeks ago by [email protected] to c/[email protected]

19 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 18 points 2 weeks ago (1 children)

US-Cloud was always illegal for EU-citizens since GDPR. Privacy shield was just the next try to label it as legal without changing the cause (US having no privacy protection) until it gets disabled again by EU court in 5 to 10 years.

[–] a4ng3l 8 points 2 weeks ago (3 children)

It’s never been illegal at all, you’re oversimplifying the issue. Plenty of use cases that can use US clouds. Not all data is PII and plenty of use cases perform fine by anonymising their data. Also EU countries aren’t that better than US when it comes to state issued privacy violations; we just don’t do dragnet bullshit (yet) but plenty of requests are served as requested…

[–] grue 7 points 2 weeks ago (2 children)

and plenty of use cases perform fine by anonymising their data

Short of aggregating it to get rid of the individual records completely, "anonymizing data" isn't actually a thing.

[–] [email protected] 5 points 2 weeks ago

That's not the only way to do it. In quite a lot of situations you can, instead, generate artificial data that is statistically similar to the original data set and use that instead. That works well for things like system testing, performance tuning and integration testing. Done right, you can even still pull out useful corelations without risking deanonymising the data.

[–] a4ng3l 4 points 2 weeks ago

There’s plenty of techniques to avoid re-identification… aggregation isn’t the only way. Especially considering that aggregation if using a stupid dimension isn’t helping at all…

[–] [email protected] 5 points 2 weeks ago (1 children)

An alarming amount of data that should be classed as PII isnt. information in aggregate changes classification, PII should be treated the same.

[–] a4ng3l 2 points 2 weeks ago* (last edited 2 weeks ago)

Depends on the dimension used. « Shoulds » are meaningless. Let’s not assume everyone is doing shit work, awareness is getting there and people are getting more capable to correctly classify data. Anyway assuming correct classification there are techniques that changes classification enough to allow exportation of data to shit countries.

[–] vegantomato 1 points 2 weeks ago* (last edited 2 weeks ago) (1 children)

Correct. GDPR doesn't prevent US services from serving users in Europe. It does enforce some user rights though.

You are also correct about EU countries violating privacy rights, this is a global fight, not limited to the US or US companies.

[–] a4ng3l 2 points 2 weeks ago

Good thing I’m correct as it’s my job to ensure compliance with it for my employer and related companies.

And we call those rights « data subject rights » as it’s not about users but specifically the physical person concerned about the data. But close enough I guess.