I don't know many people who are happy about the revelations of NSA spying that have come to light since Edward Snowden began releasing documents back in June, but the EU has reacted in typical bureaucratic fashion: It has proposed meaningless regulations.
The New York Times reported on Sunday that The European Union has proposed two regulations in response to the surveillance: One regulation according to the article would require a statement of the legal ramifications of any data transferred to the US. In other words: Warning, the data you are about to transmit is probably traveling through NSA servers. That should result in changing absolutely nothing because of course everybody knows that's happening and the statement is surely not going to alter behavior.
The second regulation would require several conditions be met including that the user must provide consent, and again they must be informed in clear language that their data transmission could be subject to surveillance in the US.
This isn't likely to stop anyone from using the cloud to transfer data, but these and other regulations could create obstacles to the smooth movement of data between jurisdictions. Already we know, the EU has passed sweeping data protection regulations in response to the Patriot Act that details how cloud providers must protect data on their servers.
More recently, we have seen the president of Brazil react to the spying by proposing an in-country cloud which would require that Brazilian data must remain inside Brazil and not travel to servers outside the country. This could of course severely restrict international cloud providers and force them to build in-country data centers jacking up their costs, and probably increasing the costs for consumers and businesses who buy cloud services.
What's more, Brazil wants to build its own internet pipe between South America and Europe in order to bypass internet servers in the US, again in reaction to the disclosures that US intelligence agencies have listened to conversations of Brazil's head of state and other high level officials.
While each of these countries is well within its rights to draft whatever regulations it deems necessary to protect its citizens --and certainly the US has given them every reason to do so --simply adding statements to every data transmission isn't going to solve this problem. Neither is isolating data in private or country-based clouds.
We have learned for instance, that trade regulations, even when written with the best of intentions, often create more issues than they solve --and the free flow of goods and services benefits nations in the long run, even if it hurts individual industries in the short term. We should think of the flow of data in similar terms. When data moves freely across borders, everyone is going to benefit. The more restrictions you place on the free flow of data, the more expensive it will be.
Sure, protect your citizens however you see fit, but don't just throw out silly regulations that won't have any impact. All it does is annoy people without having any appreciable effect on the problem they are hoping to solve --and that doesn't make much sense at all.
Photo Credit: CanStockPhoto