Data Security "MADE IN GERMANY"

Impetus

The Deutsche Telekom website makes a clear statement of the company's commitment to data security and privacy. Microsoft is setting up a hosted Azure cloud service, regulated under German law, and operated in trust by Deutsche Telekom for Microsoft, to enable them to overcome US (and other rogue state) national mass spying activities.

Quote:

DATA SECURITY "MADE IN GERMANY"*
From certified, highly secure data centers in Germany - hosted by strict German and European data protection regulations.

Unquote

Why can't Eir and other companies providing telecommunications and data centre hosting services in Ireland offer similar commitments to customers and users?

Why does Ireland not have the required data privacy and security regulatory environment against mass surveillance of the population, in place to stand out like Switzerland and Germany have?

An inability to make clear statements of commitment to privacy and security laws would make back street telcos stick out. While I am not listing these companies here, anybody who knows the telecommunications industry has a good idea of the companies I have in mind.

*Deutsche Telkom paid several million EUR to have that brand colour created for the company

syklops

I know its unquantifiable why a country of 80 million people and a GDP of 3.7 trillion has nicer things than a country of 4.5 million and a GDP of 270 Billion.

Impetus

syklops wrote: »

I know its unquantifiable why a country of 80 million people and a GDP of 3.7 trillion has nicer things than a country of 4.5 million and a GDP of 270 Billion.

While IRL may have difficulty replicating many German things - car manufacture, ICE trains, and industrial production systems, there is nothing to stop Ireland from having a data privacy system as good as if not better than Germany. Something that could be sold internationally as a platform.

Microsoft has a large cloud platform in Ireland. However they had to invent one in Germany, because Ireland's data privacy regime is not credible.

The US regime is costing US cloud companies and others billions in lost sales, especially for international business. I think you will find American companies very receptive to any data privacy initiatives coming from the Irish government.

https://en.wikipedia.org/wiki/Bundesdatenschutzgesetz

syklops

Impetus wrote: »

While IRL may have difficulty replicating many German things - car manufacture, ICE trains, and industrial production systems, there is nothing to stop Ireland from having a data privacy system as good as if not better than Germany. Something that could be sold internationally as a platform.

Microsoft has a large cloud platform in Ireland. However they had to invent one in Germany, because Ireland's data privacy regime is not credible.

The US regime is costing US cloud companies and others billions in lost sales, especially for international business. I think you will find American companies very receptive to any data privacy initiatives coming from the Irish government.

https://en.wikipedia.org/wiki/Bundesdatenschutzgesetz

Is there really nothing stopping Ireland having a data privacy system as good as germany?

Off the top of my head:

We aren't German
Half the population don't see the need for it
The government dont want to pay for it.
We have little to no experience in doing something like this
We will most likely spend millions on a committee-led advisory group who 5 years later will publish a report which no-one will read.

Impetus

syklops wrote: »

Is there really nothing stopping Ireland having a data privacy system as good as germany?

Off the top of my head:

We aren't German
Half the population don't see the need for it
The government dont want to pay for it.
We have little to no experience in doing something like this
We will most likely spend millions on a committee-led advisory group who 5 years later will publish a report which no-one will read.

Most of your excuses are a reflection of the sick mentality shared by many Irish people. There is a large business potential in creating a platform that is widely regarded and secure and has a respect for private data.

liamo

I didn't read them as excuses. I read them as observations - pretty much spot-on too.

Unless the problems facing the introduction of a German-style system are understood and acknowledged, it won't get anwhere. Calling observations excuses does nothing to help.

Your reference to the "sick mentality shared by many Irish people" is a little harsh, if I may say so.

While many Irish people and institutions don't understand the value of the type of system you propose, it appears that you are guilty of the same lack of understanding of the current environment within which we all operate.

That understanding is crucial to undertaking any changes. Those changes are going to be small at first and built upon. While we can admire the German system from afar, it's not reasonable to expect it to be adopted in its entirety tomorrow.

Don't stop fighting the good fight though !!!

Impetus wrote: »

Most of your excuses are a reflection of the sick mentality shared by many Irish people. There is a large business potential in creating a platform that is widely regarded and secure and has a respect for private data.

Keyzer

Impetus wrote: »

Most of your excuses are a reflection of the sick mentality shared by many Irish people.

That escalated quickly...

You have a very idealistic way of looking at these problems which, in turn, makes you come across as quite emotional about these issues. I commend your passion for the subject but, unless you start to take a pragmatic view on such issues, you'll end up driving yourself mad.

Fact is, most people in this country (and other countries for that matter) don't care about these issues.

Is there a requirement for the Irish government to do this?
What would drive the Irish government to do something like this without it being required?
What value would they get?

syklops

Impetus wrote: »

Most of your excuses are a reflection of the sick mentality shared by many Irish people. There is a large business potential in creating a platform that is widely regarded and secure and has a respect for private data.

Those weren't excuses why it can't be done. They were explanations why it won't be done. I don't really agree about the sick irish mentality as you put it. Irish men and women have done great things in the past, and sometimes you just have to go and do it yourself because no-one else will help you.

There is large business potential in providing fast reliable public transport but we don't really have any. There is large business potential in a lot of things we don't have in Ireland. And many of these are things the general population would like.

The analogy I like to use is the Bertie Bowl. Bertie Ahern wanted a world class stadium built while he was Taoiseach. Ireland was booming, we had more money than we knew what to do with and Bertie was the most popular man in Ireland and he wanted his legacy to be a world class stadium and then bid to hold Euro 2008. And I would wager quite a lot of the population would have liked to see it happen too. What happened? It got abandoned due to spiraling costs. Now if Bertie can't get a Bertie Bowl built when he is passionate about it and when he is in power, the hope of getting something that most ministers don't understand or see the need for, is very slim indeed.

You'd be as well off suggesting we make Facebook compatible condoms to Fidelma Healy-Eams

AnCatDubh

Impetus wrote: »

Microsoft is setting up a hosted Azure cloud service, regulated under German law, and operated in trust by Deutsche Telekom for Microsoft, to enable them to overcome US (and other rogue state) national mass spying activities.

Hold on a minute - It's been a little while since I read up on the provisions of the patriot act which US companies will be governed by whether at home or abroad, but my understanding of it at the time was that the US can (and does) request anything that it wants from a US company, and the company is obliged to give it to them. So unless the setup of MS in Germany is one where the actual data is out of reach of Microsoft, then such statements may be dubious at best. Oh yeah, doesn't the other part of patriot oblige the US company in receipt of a request to not disclose that request.

In fairness, Microsoft (outwardly at least) appear to be battling a 'good fight' on behalf of its business interests (customers).

Impetus

AnCatDubh wrote: »

Hold on a minute - It's been a little while since I read up on the provisions of the patriot act which US companies will be governed by whether at home or abroad, but my understanding of it at the time was that the US can (and does) request anything that it wants from a US company, and the company is obliged to give it to them. So unless the setup of MS in Germany is one where the actual data is out of reach of Microsoft, then such statements may be dubious at best. Oh yeah, doesn't the other part of patriot oblige the US company in receipt of a request to not disclose that request.

In fairness, Microsoft (outwardly at least) appear to be battling a 'good fight' on behalf of its business interests (customers).

Microsoft has put Deutsche Telekom in control of its cloud services platform in Europe. This keeps MS held cloud data, held by Deutsche Telkom (in Trust) out of the clutches of so called 'national security letters'.

If I can be more blunt, Ireland has accumulated a large number of data centres. Irish law provides no mechanism to fence these assets off, for US companies, such as Microsoft, so they can guarantee privacy and security to their non-US customers. Ireland risks losing many of these multi-national's Irish operations to Germany, Switzerland and other countries that have a more defined privacy law in place.

Even more importantly, no Irish company can go into this business, using an Irish base, and use the strong privacy legal platform as a selling point, for its online offerings.

Wake up and smell the coffee. It is a matter of €€€€€€€€€€€- and lots of them.

Ireland remains stuck in the past when it comes to policy innovation. Politicians and permanent government see no reason to seek out innovative ideas, because they seem to presume that the largely moron population, if I may use the phrase, does not expect them, to break eggs and innovate for a change.

Security issues have only started to arise over the past 20 years or so. The internet of things will raise security and privacy exposure (as well as the demand for mobile and fixed broadband capacity) x 1'000 over the next 20 years or so.

Ireland is an island, and away from the centre of things in Europe. Leadership in this area (IoT, cloud, security, privacy, etc) can be used to move the centre of gravity more towards the Irish direction.

Of course, one can put ones head in the sand, and say that some 80 year old guy in the West of Ireland who goes to a pub every night can't see the need for all this 'regulation and support initiative' regarding privacy and security. If there are enough of these people out there to vote when an election comes, any government (elected or permanent) can continue to collect their pay cheques and pensions - which seems to me the sole objective of government in Ireland over the not too distant past. Irrespective of the party in power. With little innovative to show for it.

The time when Ireland could use a 0% corporate income tax rate to attract manufacturing jobs is long gone. The country is too expensive as a manufacturing base -v- some Asian countries, and Brussels won't allow the 0% tax rate.

Things are getting even tougher on both these fronts, to name a few. New rabbits need to be pulled out of hats worn by people who think. And they need to be fostered and allowed to grow. Instead of adding layer after layer of bureaucracy to the system, as has been the mantra since 9/11.

Impetus

OSI wrote: »

So it's not the lack of infrastructure, technical knowledge or employment base that holds back Irish investment in this area, it's our privacy laws? You do know we already have some of the largest data centres in Europe here? Facebook, Google, Amazon, Apple and many other tech giants have massive operations in Ireland.

Absolutely. I am thinking about tomorrow, rather than today. One was involved with pushing the powers that be to act back in the day, when it was decided for the gov.ie to provide funding for fiber optic inks to IRL. As a result, Google, Facebook, Amazon AWS and Microsoft were quick to take advantege. Prior to that IRL only had a Telecom Eireann link to GB with a tin can at either end and string connecting them. After the Global Crossing initiative, there followed numerous links to Ireland via ever newer fiber optic technology. Ireland is probably in the best geographic location on the planet to act as an internet 'exchange' between Europe, USA and now Asia and Europe via the North West passage. Providing the lowest latency routes along the great circle route etc.

Now we don't need cash to be paid to Global Crossing to induce them to put some landing points in Ireland. We need a legislative base to make Ireland the legally most attractive place to base an internet based service. Attractive the the broad population / corporate. With due provision, via court approval to deal with drug dealers and similar. ie Eliminate systematic mass surveillance of normal people and normal law abiding companies.

The US has turned the entire US population into suspects with waiting times of up to 3h to go through carry on security in airports. Everybody's phone is bugged, with the data stored in Utah or wherever. This is an appalling imposition on people, so that the US can retain an ability to pretent-steal oil (as they did in Iraq, and fail in the exercise, killing a million or so souls in the prcess), and to generally abuse brown people - as did their Anglo Saxon cousins based in Europe (though they don't consider themselves European) have done in the middle East for more than a century.

Not only is it a good €€€€€€€€€€€€€€€€€€€€€€€€ for Ireland, it goes to the root of democracy, and civil respect for fellow human beings on the planet.

Any initiative towards data privacy and protection by gov.ie is going to be applauded by right thinking people on the planet.

Impetus

Goldman video on internet of things (IoT)

http://www.goldmansachs.com/our-thinking/pages/iot-meets-everything.html

Think of the security issues that will arise as a result.

Simple example, IoT lightbulb, connected to the internet so you can control energy use/switch on off using mobile phone app, etc ..... whatever. The bulb has no keyboard to enter wifi password. So, the two IoT light bulbs on the market today have a direct WiFi connection ability so you can log into the bulb from your mobile phone, to give it the password so it can connect to your WiFi system etc. With the result that your wifi system is left wide open, via your garden lamp or whatever it is on the IoT so that people outside your household can get into your home network via your IoT bulb.

Fine, you might say I don't need IoT light bulbs. But you (and the unwashed masses, which is another issue) will be attracted to various IoT products. Making the planet a drive-by wifi dream for black hat hackers.

Aside from that, my other observation from the Goldman video is that mobile broadband capacity in Ireland has a massive road ahead in terms of delivering speed and capacity. The clueless Comreg has done little to promote this. Allowing the merger of three and O2 has been a step in the wrong direction.... All they seem to care about is their 'increments' and pension 'entitlement'. Just like their politician masters. Meanwhile internet users (ie everybody) gets screwed.

UPC aka Virgin Media meanwhile retains a fat pipe monopoly in urban areas with zero fibre on site in terms of non-wireless - ie serious broadband capacity. Meanwhile Monaco and countries similar, who do not have politicians have 1GB internet and unlimited phone calls for EUR 45,00 per month. "There is something rotten in the state of Denmark" (read Ireland)

Impetus

The new Audi A3 comes with a 32 cm LCD display instead of a speedometer and RPM clock. You can set the display to show many different types of information, including Google Earth views of the countryside, as you drive. Numerous new cars had this feature or similar at the Geneva car show in 2016.

Video/pics: http://tinyurl.com/audia3display

Using the icons at the bottom, click on the middle icon to see the LCD with Google Earth.

Aside from being driver distracting, driving along the motorway at 120 km/h, if internet of things devices like this become popular, it will become a target for hackers and it will consume large amounts of mobile phone bandwidth to feed the high definition display in real time. Who knows what other applications are computer controlled in this car and how many of them are connected via an in-car network? The left hand icon shows the car self parking and auto-steering following the white lines on the road. I have many of these features on my car (not an Audi) and it is not connected to the internet. The second icon shows a video of the LED headlights that are also computer controlled, and may well be connected to a single car Ethernet. A hack to switch off the LED headlights in the dark is not inconceivable.

The car could become a new attack target, the more it becomes reliant on the internet. Even if the new car comes with bullet-proof internet security (there is no such thing), there is already a book out on ‘hacking’ Google Earth, and some people may be tempted to modify their in car navigation systems to avail of these features, perhaps weakening security in the process?

http://www.amazon.com/Hacking-Google-Maps-Earth/dp/0471790095

This is relevant to the OP's question and should be an interesting outcome either way.

http://www.irishtimes.com/business/technology/ruling-on-microsoft-s-irish-emails-unlikely-until-july-1.2660848