Russian Law Demanding User Data Remain On Russian Soil Could Turn Into A Ban On Apple Products
from the old-man-rattles-saber-at-cloud dept
The Russian government's efforts to carve out its own internet continue. It's never been shy about its interest in accessing (and censoring) internet users' activity and data, what with its required registration for bloggers, demands for US-based companies to hand over user data and threats to block content stored on foreign servers -- and that's just since the beginning of this year.
A law outlawing the use of offshore servers to store Russian internet users' data and content goes into effect at the beginning of 2015. That means popular products like Apple's iPhone and iPad will all be technically violating Russian law with their automatic iCloud syncing.
This legislation can be partially blamed on the actions of Russia's most famous guest.
As the adoptive home of Edward Snowden, Russia is all too aware that many of its citizens' communications are stored on servers owned by the scary giants of Silicon Valley. Ultimately, the Kremlin is likely to be worried that cloud services offer the NSA a way to snoop on Russian citizens, state apparatchiks and perhaps even high ranking politicians.The Russian government isn't that concerned about its citizens being spied on by foreign agencies. It probably just hates the competition. But even acts of unbridled self-interest (state apparatchiks, high ranking politicians) occasionally result in net gains for the otherwise ignored public.
This ban will affect all US tech companies, but local coverage seems to imply that iPhone users will be the first to feel the results. The law effectively bans Apple's products unless it switches iCloud services off for Russian users or decides to rent some space on local servers.
This is more Russian government control wearing the outward trappings of NSA backlash. As The Register notes, earlier this year the Russian government demanded Apple and SAP turn over source code, presumably to check it over for surveillance backdoors.
Other countries have announced their intention to purchase network technology and services from non-US companies in the wake of Snowden's revelations, but much of the noise was there to deflect attention away from their own domestic surveillance programs. But in Russia's case, its surveillance/control desires lay much closer to the surface, if not out in the open completely. This law doesn't look much like NSA backlash. It looks like a convenient excuse for government expansion.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: cloud, localization, russia, surveillance
Companies: apple
Reader Comments
Subscribe: RSS
View by: Time | Thread
and the difference between Russia, a communist, self-serving country, riddled with surveillance, often chastised for the lack of freedom and privacy of both citizens and businesses, and the USA, the UK, Australia and New Zealand, as well as many other supposed democratic countries is exactly what??
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re: Re: Re:
[ link to this | view in chronology ]
Re: Re: Re: Re:
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
the new arms race
Because, like it or not, the United States sets the world standard. In just about everything, good, bad, ... and ugly. And if the US gets away with spying on its own people (in a hundred different ways, no less) then of course that establishes a blueprint for every other country in the world to follow.
And the same way that the US started an arms race in nuclear technology, now the US has started what is sure to be another arms race, this time in digital spying technology. And then, as now, the Russians don't want to be left behind.
[ link to this | view in chronology ]
Re: the new arms race
No. That was Kruschev blustering about missile production he didn't have. We took him at his word because at the time we didn't have the spy tech to contradict him.
[ link to this | view in chronology ]
Re: Re: the new arms race
[ link to this | view in chronology ]
And yes I know Putin has other agendas with the data as well. But listen - it's like this:
Say the US says "we're against torture and we promote freedom of speech" - you countries X, Y and Z are BAD for doing torture and silencing opponents!
Maybe at least the people in those countries will see a point in US's vision and demand the same kind of protections in their countries, too. But then US starts DOING torture and silencing critics. What credibility will US have then? ZERO.
Same with the data hosting. Whether Putin, China and others will use this data to crack down on their own citizens is an entirely different matter. But US GAVE THEM A REASON to adopt such laws, by stealing their users' data THEMSELVES.
So as I said - can't blame them AT ALL - no matter what they plan to do with the data - that's an INTERNAL issue and the citizens of that country need to deal with it. But keeping the data internally is their prerogative.
[ link to this | view in chronology ]
Re:
If you are going to lecture other countries on such matters then you must live up to your own hype. The US, UK and various other countries do not and yet still try to lecture. It is nonsense.
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re: Re: Re:
[ link to this | view in chronology ]
Wider Implications?
[ link to this | view in chronology ]
Will it? How exactly does Russia intend to enforce the law against US companies operating on US soil?
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
unintended consequences
I wonder if I need to visit Russia to get one of their credit cards that will be immune from US/EU blacklists?
http://rt.com/business/202839-russia-bank-issues-card/
[ link to this | view in chronology ]
That isn't what it says
[ link to this | view in chronology ]
[ link to this | view in chronology ]
That's not a bad idea at all, actually. One of the most fundamental laws of cryptography and information security, Kerckhoff's Principle, essentially states that you can't trust any product to be secure if you can't analyze the system. For software, that means getting the source.
[ link to this | view in chronology ]
Re:
Asking to look at the source code doesn't get you very much unless you also get to build it yourself and use that build.
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re: Re: Re:
What Russia very likely demanded and got is probably the same thing the the US government gets from the company that I work for: the ability to review the source code in controlled circumstances under observation, but not actual possession and control of the code. This is usually how these things are done.
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re: Re: Re:
It's turtles all the way down. This is another reason why source code examination is insufficient if what you want is 100% assurance. However, if what you want is 100% assurance of anything, then you're seeking the impossible.
From a security point of view, it is advisable to assume that all software and hardware is compromised and to put into place multiple layers of anomaly checking to make it as difficult as possible for hacks to go undetected if they're used. You can't get 100% security, but usually getting 99.9% is good enough.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
[ link to this | view in chronology ]
[ link to this | view in chronology ]
After the Snowden revelations
[ link to this | view in chronology ]
[ link to this | view in chronology ]
No point
[ link to this | view in chronology ]
Re: No point
[ link to this | view in chronology ]
Re: Re: No point
Historically, the major nations have all so thoroughly infiltrated each other that they effectively have no secrets from each other anyway. Even that biggest of US secrets (that we know of) such as the development of nuclear weapons, spy satellites, etc,. were well known to the Soviets all along. And we knew theirs as well.
But that doesn't stop every nation from trying to prevent that eventuality!
Remember also that the main purpose of governmental secrecy is not as much to prevent its enemies from learning the secrets (since they probably already know anyhow) as it is to prevent the citizens from learning them.
[ link to this | view in chronology ]
Re: Re: Re: No point
If that were true, then the Iraq invasion would never have happened, because the US government would then have known the truth about the (phantom) nuclear, chemical, and biological weapon stockpiles that Iraq was supposedly amassing, as well as Iraq's (non-existent) partnership with Al Quaide and (equally non-existent) plans to launch those weapons against the United States and therefore exterminate the population.
Bush Jr. was interviewed today promoting his new book, and once again on the subject of Iraq, he says he regrets nothing. Not even regretting the abysmal lack of intelligence -- both within the Pentagon and between his ears.
[ link to this | view in chronology ]
Re: Re: Re: Re: No point
I think they did know.
[ link to this | view in chronology ]