"All his accounts with US companies such as Amazon, Airbnb, or PayPal were immediately closed by the providers. Online bookings, such as through Expedia, are immediately canceled, even if they concern hotels in France."
The Law requires that they do it if their (the US) government demands.
If you are asking how it's OK, it's not. It's wrong on many different levels. But it's legal (or at least the US has laws that mandate that same thing, I don't know if they were the ones applied here).
A US company is free to cut off service to whatever foreigner it wants, just like a foreign country is free to ban whatever US firm it wants from operating in it.
Can you link an article or at least mention some more keywords? A super vague search query based on this information, like "costa rica banning us firm consequences", isn't turning up anything that sounds relevant
> The US government is not free to use frivolous sanctions to indirectly make payment processors stop serving a foreigner.
You may regard them as such, but they are not in any sense frivolous. It is the law that if-x-then-y, it's not a discretionary item that one interprets. And to be clear, these are not "indirectly" making payment processors stop serving the person, it is very clearly direct and you do not, as a company, have a choice in the matter.
1. The law in question does not compel the US Government to bend over backwards to protect foreign nationals from prosecution for war crimes.
2. The US Government plays incredibly fast and loose with laws that compel foreign policy from it. If its adherence to them is discretionary, you can absolutely piss on it for being discretionary in this case.
Companies can voluntarily close accounts for almost any reason or no reason. The US government needs a legal justification for forcing companies to close an account.
The legal justification literally is “we put this person on the sanction list because national security.” The sanction process is basically its own legal justification.
IIUC Snowden sent complete trove to two publications only, and one of the computers containing the trove is destroyed through and through, disabling that publication for Snowden leaks.
Moreover, again as I understand, after a certain point the leaks are stopped, because the message was sent, and people now know the most important bits behind the curtain.
They are most likely compatible until a national security letter arrives. An American company then has to choose which law to comply with, and it's an easy choice.
But companies can be a lot shadier than we give them credit for. Like, remember that "wink payment" contract between Google and Israel? If Google knew what they were doing, they accepted the contract to do the illegal thing, so they'd sell their product and get money, but they were planning to simply not do the illegal thing, breaking the contract (the customer would never know and if they somehow did, you can't stop using a cloud on a dime) but not breaking any laws.
If Microsoft knows what they're doing, they'll accept contracts from EU customers that say "we will never give your data to US authorities", they break it immediately, don't tell the customer and the customer never finds out.
Alternatively, they can give the US government a bunch of nothing, in order to comply with the EU customer contract, and pretend this is all the data the customer had on their account. I doubt this will happen though.
Theres a difference between as an intelligence organisation having access to data, and "someone in power is angry because they watched a TV advert, I want to see what they know"
but, your over all picture is still, sadly correct.
* Limit the damage that a person can do- IE; don’t aggregate everything in the hands of one person.
* Tonnes of oversight into who accesses the data and why.
In theory the US chooses the latter, but only for nationals and the snowden leaks were proving that this was basically just a rubber stamp and constantly was bypassed on technicalities..
.. outside of the US, there’s no legal framework to protect your data from US authorities, no matter who they are, at all.
They couldn’t be more different. One is doing it in secrecy and for a “reason”, to spy on someone. The other one will do it in public because he can and doesn’t like your name.
> One is doing it in secrecy and for a “reason”, to spy on someone.
When it's secret, how can you ever check? Even if it was just because the person on top or in the middle had a personal judge, they'll always say it was for legitimate spying purposes and no-one has any way to call them out.
MSFT already operates in Europe via subsidiaries for a whole host of reasons. But hiving certain assets off in a subsidiary is very rarely effective to avoid laws and regulations that apply to the parent. The parent controls the subsidiary so a court or regulator having jurisdiction over the parent could order it to get what it needs from the subsidiary. This is particularly so in the US, which is kind of known for enacting overreaching extraterritorial laws.
> The parent controls the subsidiary so a court or regulator having jurisdiction over the parent could order it to get what it needs from the subsidiary.
But what if the parent’s jurisdiction orders the parent to order the subsidiary to do something illegal in the subsidiary’s jurisdiction? If local management obey the order, they risk being prosecuted by their jurisdiction’s authorities-so they’ll likely refuse. What is the parent going to do then? Fire them? But will any replacement act any differently? “Is this job worth going to prison over?” Most people answer “no”, and people who answer “yes” won’t last, because you can’t run a subsidiary from a prison cell.
I think the real issue here is that the US gets away with it because the EU is still so dependent on the US (see NATO) they can’t push back fully, at some point a political calculation takes over. So it could be that the US parent orders the subsidiary to do something illegal under EU law, and then the EU authorities choose to ignore it.
The laws I have read used the term “effective control”; if a shareholder is able to control the org (eg can replace the CEO or board), they are obliged to comply with government orders regarding that org.
There are attempts to lösen the control from the U.S. side like a cooperation between Microsoft/Azure and SAP or Google and T-Systems (deutsche Telekom) where the German side would run an "air gapped" region of those cloud stacks.
However I believe the rates in the end were too high to win notable contracts, but I haven't followed along in a while.
I'd be surprised if this isn't already the case. The extent to which you can do business in the EU without legal presence is limited.
It is not a huge amount of protection though. I mean we've already established that selling to 'terrorists' can be sanctioned even when selling through an intermediary. So what's stopping the US from ordering Microsoft to stop selling licenses to the ICC?
And then we've not touched on who is in control of the closed source of the many proprietary applications.
It's not about having a subsidiary, it's about the technical structure of 365 meaning Microsoft US has access to Microsoft EU servers and thus US employees can be compelled to follow US court orders.
They simply don't separate the infrastructure this way AFAIK.
Yes, and the Cloud Act pretty much forces upper management to ensure that there is always a US IT guy that can be compelled to implement the wishes of The US Federal Government, as the penalties apply to executives of US companies, too.
We can quibble about whether the term "threaten", which implies some moral wrong doing, is correct though. It's a law with defined criminal penalties. That's how criminal law works
If you’re Microsoft do you really want to anger the federal government? Companies aren’t as cavalier about taking them on as they used to be. They’re likely Microsoft’s largest customer by far, and they have the power to end you (which they nearly did once).
Everything we have seen over the last few years (eg what microsoft is doing to Windows) points to a push to make the platforms we used to control, more like the 'consumption' platforms. Profit demands it.
"Does this serve my goals, or someone else's metrics?" indeed.
Oh? I think the outrage over making the reader feel like "a bad or prejudiced person" that accompanies any invitation to challenge assumptions is so tedious.
How come this culture war mindset infuses everything we do online now?
Nowhere does this map or its description even imply you are a bad person.
"Deciding to put south, or north, at the top of maps is a decision of consequence. Psychologically, we tend to view things nearer the top as ‘good’ and those lower as ‘bad.’ This can influence our interpretation of maps at both global and local scales."
There it is, the implication that "North is up" is morally bad. Since it's an implication, it does not need to be read that way, but it's clearly there.
> Psychologically, we tend to view things nearer the top as ‘good’ and those lower as ‘bad.’
The oldest maps in the world and in Europe are oriented North at the top and the essential feature in the middle. For the Babylonians it was the Euphrates and Babylon itself. For the Europeans it was the Mediterranean. The implication that everyone sees up/North as better means that generations of Greek or Roman cartographers just accepted that the barbaric northernmost regions of Europe are "better", which is patently false.
Religions that use the cross as a holy symbol also use the Trinitarian formula (In nomine Patris et Filii et Spiritus Sancti, amen) while making the cross. God the Son is the second in the trinity but is put at the bottom of the cross, while God the Holy Spirit is the third yet sits higher. This is also deeply rooted in people's psychology.
> The oldest maps in the world and in Europe are oriented North at the top
This isn't true, the oldest maps from the Middle Ages were oriented towards the East. (In fact the very word "orient" refers to the East.) The convention of putting north at the top is only a couple of centuries old.
The oldest world maps were drawn long before the Middle Ages.
The oldest known world map is the Babylonian Imago Mundi from around the 6th century BCE which has north at the top. Claudius Ptolemy's Geographia also specified north was at the top in 2nd century.
Historically, the prize position on a world map was not the top, but the center.
It wouldn't have killed you to look for something slightly older, seeing how I mentioned Babylon.
The oldest European map, of Greek origin, unsurprisingly has the Aegean at the center, and North pointing up.
Creativity historically played a part in drawing maps but the "up on the map is better" philosophy is rejected by the reality of the first documented maps.
> There it is, the implication that "North is up" is morally bad. Since it's an implication, it does not need to be read that way, but it's clearly there.
I see the statement that the decision of orientation might seem neutral but doesn't turn out that way, but I think reading it as making a moral judgment about any particular orientation might be a stretch. At most, I see it as advocating for the importance of seeing multiple orientations to be able to see the world from multiple perspectives.
In this corner, evidence from the last decade of moralizing over minute historical choices ad nauseum, and in this corner, common sense literal readings in good faith.
These will never meet except in disagreement, and this thread is just more of that.
>Deciding to put south, or north, at the top of maps is a decision of consequence. Psychologically, we tend to view things nearer the top as ‘good’ and those lower as ‘bad.’ This can influence our interpretation of maps at both global and local scales
I think they are certainly doing a lot of inferring here, but I wouldn't call it "pure projection."
So what's stopping anyone from forming a group or foundation based on donations from like-minded people? And maintain a secure, free fork? I see this topic often enough on HN, this might a big enough group.
Currently Ladybird has 200k USD from FUTO, 100k USD from Shopify and then a bunch more from ProtonVPN, Ahrefs, etc., they also have 7 full time employees and a bunch of volunteers: https://ladybird.org/#faq
They fall short of the numbers you suggest, but it's kind of encouraging that some people can do that for an entirely new project. Time will tell how it works out for them, but I could feasibly imagine a Firefox fork gaining similar ground, should people get tired of Mozilla's stewardship for whatever reason.
After all, even something like 3% of the market share is way more of a proof of feasibility than 0% and if you get a bunch of money when that figure is 0% like Ladybird, things can only get better for a project built on established technology.
Good for Ladybird, but I don't think they can support all the complexities of the Web with only 7 develops (but perhaps with enough volunteers they could - 7 is enough to do the hard thankless work while volunteers do the more interesting bits). Between all the weird layout rules, required speed to be useful, and security (last only because with out the other two you automatically have perfect security since with no users holes cannot be exploited).
If I had 7 disposable engineers, I'd built an open source modular browser that allows individual components such as rendering engine, JS engine, WASM runtime, etc. to all be swapped out for alternative implementations. The browser itself would basically be a shell and SDK. It's ludicrous that someone has to either completely reinvent the wheel today or fork one of two monolithic browsers that require significant upkeep and cross-domain expertise.
I feel like this approach has a much better shot at being sustainable and giving power back to users and clients, despite having its own challenges. I would like it if political fallouts such as this one didn't mean I have to completely migrate to a brand new system. Compare that to Linux, where I can say, migrate to Rocky if CentOS stops being a viable choice, without losing any of my tooling or configuration.
How is this legal / OK?