Internet Privacy in Australia ends October 13, 2015.

17pm · 10 Oct 2015, 09:09 PM

http://www.echo.net.au/2015/09/priva...tober-13-2015/

robn · 10 Oct 2015, 09:29 PM

Here's our analysis of what means for FastMail: http://blog.fastmail.com/2015/04/09/...etention-laws/

tl;dr: it doesn't apply at all.

PON · 12 Oct 2015, 07:58 AM

No reasonable person could disagree with

Quote:

Forcing an Australian company to reduce IT infrastructure investment in Australia and creating an inferior experience for Australian customers, while providing no proven law enforcement benefit for anyone feels like a massive mistake to us.

Given a choice between using a service that respects users privacy and one that doesn't I will choose the former as a matter of principle.

Microsoft is currently trying to resist US government demands that it hand over customer data stored in Ireland, and now, on foot of a referral from an Irish court, the European Court of Justice has ruled that data on European citizens must be stored in Europe (unless they have explicitly consented to the contrary).

We are all facing a moment of truth in deciding whether to stand up for privacy and refuse to be "protected" by the US. I choose privacy as a human right. I would prefer if my mail was stored in Europe and subject to EU data protection law. Am waiting to see what happens now, like many. I am not at all happy to have my email stored in the US. Not because it has anything worth hiding, but because I agree with the court.

Bottom line: I would like Fastmail to provide an option for European customers to host data in the EU, preferably in a non 5-eyes country. And yes, I am willing to pay a premium.

malcarada · 12 Oct 2015, 03:25 PM

I am wondering if anybody knows if this will affect Fastmail too:

EU rules that US companies can't freely pull data out of Europe

http://www.engadget.com/2015/10/06/e...out-of-europe/

janusz · 12 Oct 2015, 08:10 PM

The last time i checked Australia was not in Europe.

PON · 12 Oct 2015, 09:54 PM

Companies hosting data in the US concerning European citizens are affected.

Last time I checked I was

1. A Fastmail customer
2. A citizen of an EU country

I assume that Fastmail's systems in the US are subject to US law and not Australian law.

BritTim · 13 Oct 2015, 07:53 AM

My interpretation of the EU law is that it prevents companies collecting data in Europe from then replicating that data in the US. I do not think it was intended to disallow European citizens from signing up to a service that uses US servers. If it did, Amazon, for one, would probably no longer be able to accept orders from Europe. If my interpretation is correct, Fastmail seems unaffected by the new EU rules.

PON · 13 Oct 2015, 08:55 AM

Sounds reasonable but I'm not so sure. (I've read a draft of new legislation, admittedly over a year ago). The principal focus is on data controllers and subjects. Not saying there aren't provisions covering transfer; there are.

I have read that Facebook, Google and others will be affected, because of who the data subjects are, not because of how the data came to be outside the EU. Compliance with EU norms will be required of companies doing business in the EU.

No doubt there will be a further iteration of Safe Harbour. That's important and worthwhile, but my personal position is that I'd prefer to have my mail hosted in the EU.

David · 13 Oct 2015, 09:31 AM

Internet privacy (everwhere in the world) ended a long long time ago, IMHO.

BritTim · 13 Oct 2015, 03:34 PM

Quote:

Originally Posted by PON

Sounds reasonable but I'm not so sure. (I've read a draft of new legislation, admittedly over a year ago). The principal focus is on data controllers and subjects. Not saying there aren't provisions covering transfer; there are.

I have read that Facebook, Google and others will be affected, because of who the data subjects are, not because of how the data came to be outside the EU. Compliance with EU norms will be required of companies doing business in the EU.

No doubt there will be a further iteration of Safe Harbour. That's important and worthwhile, but my personal position is that I'd prefer to have my mail hosted in the EU.

It would not be the first time the EU has introduced laws without thinking them through. However, if you are anywhere near correct, let's look at some consequences:

The normal way EU citizens now get authorization to visit the US is by applying for an ESTA online. If no storage of data on EU citizens outside the US is permitted, use of the online ESTA application service would not be possible. Even an alternative solution via the US embassies might not be allowed, as the embassies would presumably use US based servers.
As already indicated, many major online ordering sites are located inside the US. Will EU citizens no longer be allowed to use them?
Use of credit cards overseas requires a certain amount of information to be shared between the merchant and the card holder's banlk. Are we going to stop using credit cards when traveling outside the EU?

There are countless other examples. Any law to proscribe holding information about EU citizens outside the boundary of the EU is going to be very limited in scope, or cripple modern commerce and online services.

PON · 16 Oct 2015, 07:36 AM

Blanket prohibition of the storage or transmission of data on EU citizens was never the point, rather storing and handling data in compliance with EU law. Non-compliance simply means a removal of authorisation to do business in the EU. It's not really an option for large corporation, which is why Google has had to comply with the "right to be forgotten" provisions.

I wonder which EU legislation you're concerned about?

Human rights legislation?
Equal pay for women?
Data protection?
Company law?

I've actually spent some time working on adapting the latest draft EU privacy directive for voluntary adoption by a large global organization and I can assure you that it is very well thought out and that great deal of work and consultation over many years went into it.

We seem to be heading for a fairly dystopian future.

10 Oct 2015, 09:09 PM	#1
17pm Cornerstone of the Community Join Date: Sep 2013 Posts: 536	Internet Privacy in Australia ends October 13, 2015. http://www.echo.net.au/2015/09/priva...tober-13-2015/

10 Oct 2015, 09:29 PM	#2
robn Master of the @ Join Date: May 2012 Location: Melbourne, Australia Posts: 1,007 Representative of: Fastmail.fm	Here's our analysis of what means for FastMail: http://blog.fastmail.com/2015/04/09/...etention-laws/ tl;dr: it doesn't apply at all.

12 Oct 2015, 03:25 PM	#4
malcarada Senior Member Join Date: Feb 2008 Location: European Union Posts: 184	I am wondering if anybody knows if this will affect Fastmail too: EU rules that US companies can't freely pull data out of Europe http://www.engadget.com/2015/10/06/e...out-of-europe/

12 Oct 2015, 08:10 PM	#5
janusz The "e" in e-mail Join Date: Feb 2006 Location: EU Posts: 4,945	The last time i checked Australia was not in Europe.

12 Oct 2015, 09:54 PM	#6
PON Essential Contributor Join Date: Mar 2002 Location: Wicklow, Ireland Posts: 449	Companies hosting data in the US concerning European citizens are affected. Last time I checked I was 1. A Fastmail customer 2. A citizen of an EU country I assume that Fastmail's systems in the US are subject to US law and not Australian law.

13 Oct 2015, 07:53 AM	#7
BritTim The "e" in e-mail Join Date: May 2003 Location: mostly in Thailand Posts: 3,095	My interpretation of the EU law is that it prevents companies collecting data in Europe from then replicating that data in the US. I do not think it was intended to disallow European citizens from signing up to a service that uses US servers. If it did, Amazon, for one, would probably no longer be able to accept orders from Europe. If my interpretation is correct, Fastmail seems unaffected by the new EU rules.

13 Oct 2015, 08:55 AM	#8
PON Essential Contributor Join Date: Mar 2002 Location: Wicklow, Ireland Posts: 449	Sounds reasonable but I'm not so sure. (I've read a draft of new legislation, admittedly over a year ago). The principal focus is on data controllers and subjects. Not saying there aren't provisions covering transfer; there are. I have read that Facebook, Google and others will be affected, because of who the data subjects are, not because of how the data came to be outside the EU. Compliance with EU norms will be required of companies doing business in the EU. No doubt there will be a further iteration of Safe Harbour. That's important and worthwhile, but my personal position is that I'd prefer to have my mail hosted in the EU.

13 Oct 2015, 09:31 AM	#9
David Ultimate Contributor Join Date: Dec 2001 Location: Canada. Posts: 10,355	Internet privacy (everwhere in the world) ended a long long time ago, IMHO.

16 Oct 2015, 07:36 AM	#11
PON Essential Contributor Join Date: Mar 2002 Location: Wicklow, Ireland Posts: 449	Blanket prohibition of the storage or transmission of data on EU citizens was never the point, rather storing and handling data in compliance with EU law. Non-compliance simply means a removal of authorisation to do business in the EU. It's not really an option for large corporation, which is why Google has had to comply with the "right to be forgotten" provisions. I wonder which EU legislation you're concerned about? Human rights legislation? Equal pay for women? Data protection? Company law? I've actually spent some time working on adapting the latest draft EU privacy directive for voluntary adoption by a large global organization and I can assure you that it is very well thought out and that great deal of work and consultation over many years went into it. We seem to be heading for a fairly dystopian future.