Europe's Largest Internet Exchange Decides To Open US Office, Risks Making Itself Subject To NSA Demands

from the and-that's-a-good-idea-because? dept

The Internet may be a series of tubes, but those tubes have to be joined together. That takes place at Internet exchanges (IXs), where different ISPs can pass on and receive data. One of the largest and most important such IXs is AMS-IX, which is based in the capital of the Netherlands, Amsterdam. Techdirt reader Dirk Poot points out that AMS-IX has just made the following move:

the Board of the AMS-IX Association proposed the set up of a US-based legal entity for possible expansion to the United States. In an extraordinary General Meeting (GM) held on 27 September 2013, AMS-IX members approved the set up of a US-based legal entity by a majority of votes.

Recently, an opportunity arose with the Open-IX initiative for AMS-IX to expand and build exchanges in the US. Representatives from US-based content providers and telecom operators -- many of them current AMS-IX members or customers -- as well as other Internet industry parties, such as datacenters, founded this initiative. It aims to encourage the development of neutral and distributed Internet exchanges and reduce IP interconnection complexity and cost in the US. In the US this is more complicated and prices are higher than in Europe, where the neutral and distributed Internet exchange model is more common.
It's understandable that US content providers and telecom operators would want to reduce their costs in this way. But as an email written by Erik Bais to AMS-IX members points out, there is a huge risk here for AMS-IX:
Having an US entity within the (AMS-IX org. structure) association / [AMS-IX B.V. company] will directly bring the [AMS-IX B.V. company] and indirectly the association under the influence of the infamous Patriot Act and FISAA.
Specifically:
For the AMS-IX US entity (under US Law) they will receive the official request for the information [passing through AMS-IX], which they are required to send through to their holding company (which is AMS-IX B.V.) as the information or connection isn't on US soil, but in Amsterdam.

1. Denying such request means that they US Entity will most likely be in contempt of court, bringing the US entity and its management in a situation where they can't deny the request of the US Government and the AMS-IX Management. It is a very difficult split between 1 party whom doesn't want to provide the information (Let's assume the AMS-IX B.V. doesn't want to provide the information) and the US Government who has the right to request and all the paperwork and laws at hand to request it.

2. Information in this case could mean: Information about, but also information from (data).
In other words, by opening an office in the US, AMS-IX might be forced by US laws to give the NSA direct access to the huge flows of data at its European Internet exchange.

AMS-IX has this to say about the way its US office would be set up:

The chosen structure will need to protect AMS-IX's current operation and the AMS-IX Association's customers and members from commercial, legal, financial and technical risks and, more specifically, from interception activities by US government agencies.
There are two issues here. One is whether such a legal structure that protects AMS-IX's European operation from the NSA's demands exists or not. And even if it does, there is the question of trust. Once there is the possibility of the NSA demanding access to the AMS-IX traffic, there will always be the fear that it is being granted, even if AMS-IX denies it. After all, if access were granted to the NSA, AMS-IX would be forbidden from talking about that fact, and so it would be impossible to tell what the true situation was.

As a result, it's hard to see how anyone in Europe can really trust AMS-IX again if it goes ahead with this proposed move to open a US office, which means it could lose a lot of its current and future business. That seems a heavy price for a European organization to pay for something that will largely benefit US companies.

Follow me @glynmoody on Twitter or identi.ca, and on Google+

Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: ams-ix, europe, internet exchange, ix, jurisdiction, nsa, nsa surveillance, us


Reader Comments

Subscribe: RSS

View by: Time | Thread


  1. identicon
    Androgynous Cowherd, 1 Oct 2013 @ 11:30pm

    Several points.

    1. Could any US agency, even the NSA, really demand the production of documents (let alone the installing of wiretaps) from offices and servers (and on cables) physically not located inside the United States? Wouldn't they be limited to demanding production of records physically held by the US office?

    2. Couldn't AMS-IX implement the thing Techdirt suggested just the other day, and issue regular statements that they emphatically do not share information from their EU servers/cables with the NSA ... until and unless forced to do so, whereupon those statements would simply cease? That would let them have trust, perhaps.

    3. Isn't this whole thing moot anyway? That exchange will already be being tapped by some Netherlands or EU intelligence agency, and that agency will already be broadly sharing information with the NSA (and vice versa -- as has already been revealed in the case of the NSA and Israel's sigint organization).

    link to this | view in thread ]

  2. identicon
    Anonymous Coward, 1 Oct 2013 @ 11:43pm

    Maybe AMS-IX, can't resist the double-dip profits they've been hearing about in the US. Charge tier providers to use the exchange, then turn around and charge NSA to snoop on the exchange.

    Everyone worldwide has heard stories about USA fiber optic networks being paved with double-dip gold.

    I'm sure the millions of taxpayer dollars the NSA Spy Agency will pay AMS-IX, will more than offset the complexity and increased prices in the USA compared to the EU. In fact, I'm sure they're counting on it.

    link to this | view in thread ]

  3. icon
    Josef Anvil (profile), 2 Oct 2013 @ 12:02am

    Not a big deal

    It may be time to ease off the NSA and turn the camera lens elsewhere. Yes the NSA got caught.

    Now the whole world is pointing at the US for spying on its citizens. The USA is not alone in that activity, it's just public information now.

    You can be assured that most of the governments in the EU are snooping through their citizens' data as well.

    link to this | view in thread ]

  4. identicon
    Anonymous Coward, 2 Oct 2013 @ 1:58am

    Re: Several points.

    For the first one, from my understanding, the physical location of data is not important. If you're US based entities, you have to obey US court orders, as well as any US laws applicable. Period.

    Otherwise the tax department cannot collect tax based on information provided by Swiss bank years ago. (The money is, you may call it, physically stored outside US boundaries)

    link to this | view in thread ]

  5. identicon
    Anonymous Coward, 2 Oct 2013 @ 2:24am

    i bet this is being done for the very reason of allowing the NSA into the company. just think of the further benefits if there is a way such as this that the NSA can get even more data and do even more spying on the EU. they must have been given a hell of a lot of 'encouragement'. surely, given what has been going on, no company is going to allow itself to be willingly added to the fray for no reason?

    link to this | view in thread ]

  6. icon
    Ninja (profile), 2 Oct 2013 @ 3:27am

    I don't think the US can ask for data from their international branch no matter how much it kicks and screams. Trying to take it by force will make them look eve worse than they already are. Not that it seems to stop the US nowadays.

    link to this | view in thread ]

  7. identicon
    Orly, 2 Oct 2013 @ 4:01am

    LINX DE-CIX ...

    Interesting so much noise around the AMS-IX given that LINX and DE-CIX the other 2 large European Internet Exchanges already announced opening operations in the US

    link to this | view in thread ]

  8. identicon
    Anonymous Coward, 2 Oct 2013 @ 5:22am

    While it's easy to argue the negative points of opening any business in the states right now, it's also easy to see there's plenty of easy money to be made by a large tier. Providers won't care as any existing infrastructure is already being spied on, it will be just another transit to users.

    link to this | view in thread ]

  9. identicon
    Anonymous Coward, 2 Oct 2013 @ 5:40am

    The US government already hacks in to steal their data

    The NSA already showed us that they hack in to steal data where people won't give it willingly. So they probably already have access to this data through illegal means.

    link to this | view in thread ]

  10. identicon
    Jakub, 2 Oct 2013 @ 6:14am

    retro-activity

    maybe the reason they do this is because they already hand out all the information but aren't covered by any law. so now they will be and as i see the laws are written for PRISM and stuff maybe retro-activity is already in there ;)

    link to this | view in thread ]

  11. icon
    Beta (profile), 2 Oct 2013 @ 7:05am

    Re: Re: Several points.

    Wanted: Executives for new US-based Internet Exchange company. Competitive salary and benefits. Must be prepared to act as hostages of the US government, up to and including imprisonment for failure to obey impossible orders. Dutch holding company will not pay ransom or legal costs. Applicants with relatives in Amsterdam will not be considered.

    link to this | view in thread ]

  12. identicon
    Annie Thropic, 2 Oct 2013 @ 8:18am

    Re: Not a big deal

    Don't agree. What differentiates the NSA and the other spy agencies (mainly in Europe), is that the NSA, when caught, lied in their teeth.

    They lid to the courts, they ignored court judgements, they lied to congress, they lied to the public, and when they lied to the public, they were so incompetent as to lie to the public in such a way as to insult the intelligence of every American (such as it is). I believe they even lied to the President, not that he would mind or have any power to do anything even if he was sufficiently bright to be aware of it - which I think is in legitimate question.

    For me anyway, it is as much about the dishonesty and their very obvious sense of impunity (which can only be carried off with the nod from number 1) and what all of that implies about the worlds number one bully. America.

    Add that to the other Clapper domains of CIA, assassination programs, rendition, drone strikes and it really ought to be seriously depressing for any American with an IQ greater than a carrot. What depresses me is that it appears not to depress them, certainly they don;t seem to be able to do anything about it.

    Annie

    link to this | view in thread ]

  13. icon
    John Fenderson (profile), 2 Oct 2013 @ 9:59am

    Re: Several points.

    Could any US agency, even the NSA, really demand the production of documents


    Anybody -- you, me, or any random government agency -- can demand anything we want to. The real question is if the exchange is compelled to comply with the demand. Legally, they may not be, but there are other ways of forcing compliance (threatening to take away lucrative contracts or important access, for example).

    Isn't this whole thing moot anyway


    In a sense, perhaps. But it's important to fight against giving greater access even if there are already other ways for them to get the same information.

    If you have a cracked dam, it's important to avoid punching new holes in it even though the water can already get through other cracks. More holes just makes the dam harder to repair.

    link to this | view in thread ]

  14. icon
    John Fenderson (profile), 2 Oct 2013 @ 10:01am

    Re: Not a big deal

    It may be time to ease off the NSA and turn the camera lens elsewhere


    I couldn't disagree more. Easing off the NSA now means that the abuses will not only continue, but get more egregious.

    We can also look at the other bad actors, though.

    link to this | view in thread ]

  15. icon
    Gerald Robinson (profile), 2 Oct 2013 @ 10:15am

    AMS-IX

    This could benefit everyone by providing some competition to the AT&T, Verizon, Time Warner, COMCAST oligopoly—which must be broken up.
    But maybe its no big deal as they are already supplying NSA the data either directly or, via the UK or the Germans.

    link to this | view in thread ]

  16. identicon
    Anonymous Coward, 3 Oct 2013 @ 11:16am

    Re: Re: Several points.

    Well if you set it up so that someone in Amsterdam would need to actively provide access, that person in Amsterdam would fall under Dutch law and would be legally prohibited from complying.

    So the only thing the Dutch entity would do would be to make it physically impossible to comply with any NSL is FISC order remotely and strictly deny physical access to any employee or representative from the US subsidiary.

    Worst thing that could happen? They have to close or sell off the US operation. Other option? Set the US operation up as a completely seperate legal entity with no legal ties to the Dutch one, only fund them through loans.

    There are options, it's just completely retarded that we even have to consider them.

    link to this | view in thread ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.