Anyone wonder where your country’s health records about all their citizens are stored? I’m guessing it’s all on either MS, AWS, or Google. That means Trump could get access to your medical history.
This is important because of his attacks on LGBTQ people, vaccines, abortion, autism, and who knows what other nonsense he wants to persecute.
And here in Canada the Liberal government is putting forth bill C-2, which opens up even more access to the US to get even records stored in Canada by Canadian companies.
https://www.eff.org/deeplinks/2025/07/canadas-bill-c-2-opens-floodgates-us-surveillance
Feel safe yet?
I am from the Netherlands and work at a hospital, we exclusively use Microsoft software.
Here in Italy all family doctors use Gmail for safety data regularly
Only if they aren’t using customer provided encryption keys (is using blob/bucket storage) or an equivalent approach to encryption at rest, and make sure they’re doing standard TLS for encryption in flight.
It’s absolutely possible, and standard for any decent organization, to build their cloud architectures to fully account for the cloud provider potentially accessing your data without authorization. I’ve personally had such design conversations multiple times.
It is possible to do things correctly. The question is, is it done often, and is it done on hardware you can trust. I’m somewhat confident if I run my services on bare metal, the provider would have a hard time getting my encryption keys, although it’s not impossible even in this situation. How many people do so with VPS and managed instances, where snooping around the runtime and exfiltrating data unbeknownst to the user is trivial?
Also, beyond that, how many fall for the convenience of things like SSE, whether it’s with customer provided keys or not? That should be a red flag, but people find it oh so convenient.
We’re bound to see stuff bubble out where “we did all the right things” boils down to clicking a checkbox in some web UI and be done with it in the future.
So how are American companies any different then Chinese? Everyone always says Chinese companies have to listen to their government. Never got how American companies would be any different.
They’re not different at all - the CLOUD Act (2018) and FISA courts already gave the US govt near-complete access to American tech companies’ data regarldess of where it’s physically stored, we just don’t talk about it as much as we do with China.
Until this abomination of a law, the US was different. But the GOP is quickly adopting every fascist idea they come across.
Until this abomination of a law, the US was different.
Press X to doubt.
It’s like he selectively forgot about the Snowden leaks
No they werent lmfaooo
Until this abomination of a law
The “patriot” act would like to have a word with you…
One is Chinese (bad, stinky) one is American (good, freedom).
Both are authoritarian shitholes that violate the freedoms of its citizens.
Time to listen to this banger again
Can EU please make an open source phone?
We have linux for computers, but we need a “linux” for phones (yes I know Android uses Linux Kernel, I’m talking about like a Libre Non-Google OS)
I’m holding my breath for the pinephone to be ready for primetime. I check in on it every so often to see what the current buzz is.
U have several fork of android some are great. The issue is I need google service for a lot of proprietary app like uber, banking app etc. Linux phone exist but without an appstore it s useless
That’s kind of the point. The EU could theoretically demand some Linux support from banks. It wouldn’t be a popular decision at first, but the consumer protection agency is capable of that, banks are capable of that, and it would help a lot.
I don’t think it would happen, it’s cheaper for banks to lobby against it than do a bare minimum, lobbying is cheaper than anything, but still, neat idea.
Does Graphene OS fit that description?
I thought gdpr forced companies to store data securely in the eu. Are they saying they’ll transfer that data to the us to give Trump access, cause that’s a gdpr violation and should result in fines and eventual removal from the eu market.
The CLOUD act and GDPR do indeed not work together.
and should result in fines
Hahaha should
There are provisions. I don’t remember the exact name of it, but basically, the US says “yah, these business are legit ok, you see?” and the EU is like “oh, ok, deal”. This includes the big providers and a handful of others, obviously.
And yes, it is a farce.
It’s still on their servers. They just give government access to data.
Does this also mean Microsoft would allow China to spy on the US if asked?
My assumption for many years now has been that the answer to any question involving MS giving access to your data is “yes.”
well… there is self-hosting too
YEAR OF THE LINUX DESKTOP, LETS GOOOOOOOO!
How is that news? The CLOUD Act is law since 2018.
I’m guessing the admits part and of course Trump is the current (quite jutified) bogeyman.
Continuing to do business in the US after the CLOUD act already implied enough.
Didn’t Microsoft say not too long ago not to worry, because they didn’t have to give access to data?
suck my arch btw
No one is safe anywhere…
It’s SO funny how apparently for almost 20 years we (as in the west outside the USA) decided that using Chinese cloud platforms or networking hardware was dangerous and to be avoided, but private US companies? Nothing to see here!
Silver lining of the orange man is that maybe countries will wake up and smell the digital sovereignty that we sorely lack.
Of course they would. That’s why I quit using their software.
lol any EU bureaucrat who thinks otherwise is either a useful idiot or themselves compromised?
just vassals lol
Then those EU firms should immediately make getting out of anything and everything Microsoft a top priority. As a US citizen, all our government and companies understand is personal profit and personal data hording. So make it hurt where they will feel it.
