The EU is working on tougher privacy regulations in the wake of the NSA leaks

Oct 7, 2013 09:57 GMT

All the NSA leaks of late seem to be having some positive effect, but it's too early to tell whether it amounts to anything concrete. In the EU, at least, there has been some criticism of the US' nonchalance in gobbling up data, but outside of a few nationalistic speeches, which work great during campaigns, no one has actually done anything in response to the revelations.

There is some hope though. For example, the digital privacy regulation that governs the EU is set to get some amendments and almost all of them deal with "cloud computing," though in the loosest of definitions.

Essentially, the EU wants its citizens to be protected from privacy abuses, something that obviously isn't happening right now on the Internet, dominated by American companies subject to American laws.

On the one hand, companies such as Facebook and Google suck up as much data as they can to drive up revenues, while even shadier advertisers are building "profiles" for everyone online and selling them to the highest bidder. On the other hand, it's clear that the NSA takes a very cavalier approach to people's privacy, even more so when they're not US citizens.

Basically, as a non-US citizen, your data gets very, very little protection in the US. This is what the EU wants to change, though there's some debate over how exactly that's going to happen. The fear is that it will lead to an isolationist approach from Europe.

For example, one proposal is to notify users every time their data is sent to a US server. Another even requires users to consent to their data being sent to the US and to be notified that this data could then be handed over to the NSA or other intelligence agencies.

Even more interesting, there is a proposal, as the NYT reports, to require companies that handle data to inform both the authorities in the user's home country and the user when they receive a request from US authorities.

But many requests from the NSA or the FBI come with a gag order, which prevents the companies from notifying the subjects of the investigation. Ironically, American lobbyists in Europe had managed to remove this from the current privacy regulations, only to have their work undone by the NSA.

The idea of requiring companies to host data on European citizens in Europe, so that the local privacy laws apply, is also being put forward again and is getting some traction.