As Congress considers the tech-backed CLOUD Act, privacy and human rights groups raise concerns

(Pixabay Photo / cc0)

The modern world of cloud computing, where data can moves seamlessly across most borders, presents challenges for law enforcement agencies and tech companies working with laws designed for a different era. A new law designed to address these international issues that has the support of both parties is pending before Congress, but privacy advocates and others are worried this solution will create an entirely new set of problems.

The CLOUD (Clarifying Lawful Overseas Use of Data) Act was introduced by Utah Senator Orrin Hatch and Georgia Representative Doug Collins in early February, and it seeks to change the way U.S. law enforcement agencies go about getting data from tech companies that is stored outside the U.S., as well as how foreign governments conduct their own investigations seeking data from U.S. tech companies. It has the support of both Department of Justice and Microsoft, who are awaiting the decision of the Supreme Court on a case that involves many of the same issues, and the broader tech industry.

However, privacy advocates such as Neema Singh Guliani of the American Civil Liberties Union are concerned about how the proposed law gives a great deal of leeway to the executive branch when it comes to determining which countries are allowed to subpeona U.S. tech companies, removing a judicial review. And those concerns are growing this week after Gizmodo reported Thursday that the Senate is likely to tack the CLOUD Act onto the much larger spending bill scheduled for next week that will need to pass to avoid shutting down the government.

“I think the CLOUD Act and some of the proposals in it, are one of the more consequential pieces of legislation I’ve seen,” said Guliani, legislative council with the ACLU, in an interview with GeekWire. “This is a big change, and a big shift in the way things are done.”

Seeing through the cloud

The CLOUD Act is designed to streamline the process through which law enforcement organizations — both foreign and domestic — obtain the personal data of users on U.S.-based tech services. The idea is to encourage countries to sign mutual legal assistance treaties with the U.S. that set out rules for how such requests are processed, and clarifies that data belonging to U.S. citizens is subject to a lawful warrant even if it is stored overseas, one of the key issues in the Microsoft-DOJ case argued earlier this year.

It does this by removing a few steps in the process. Right now, foreign governments that are conducting investigations on their citizens and want to access data stored by a U.S.-based tech company must have a mutual assistance treaty with the U.S. on the books and then submit a request to the Department of Justice, which must also get sign-off from a U.S. judge before it is passed on to the tech company.

Under the proposed law, that judicial review will be removed, and the executive branch’s only responsibility will be to negotiate the treaties with foreign governments. Foreign governments would then submit requests directly to tech companies, which would still have the ability to fight a request if they deemed it unlawful or excessive.

Microsoft and other big tech companies think this is the best way to go.

“The CLOUD Act creates both the incentive and the framework for governments to sit down and negotiate modern bi-lateral agreements that will define how law enforcement agencies can access data across borders to investigate crimes,” Microsoft President and Chief Legal Officer Brad Smith said in a blog post entitled “A problem Congress should solve” the day his company argued its case before the Supreme Court. “It ensures these agreements have appropriate protections for privacy and human rights and gives the technology companies that host customer data new statutory rights to stand up for the privacy rights of their customers around the world.”

Attorney Josh Rosenkranz and Microsoft President Brad Smith after the February 2018 Supreme Court hearing on cloud data issues. (Microsoft Photo)

Some supporters of the bill think it will stave off the data-localization movements that have been gathering steam in the post-Snowden era. Cloud companies are freaked out about the extremely expensive possibility that without a new procedure for handling these requests, foreign countries could simply declare that all data generated by its citizens be stored within its borders, making it applicable to its laws. After all, if the U.S. wants to declare that it can obtain data on its citizens stored in a foreign country like Ireland, as the DOJ argued before the Supreme Court, it’s harder to argue that the U.S. government should be able to closely review applications for such data when placed by other countries seeking data stored inside the U.S.

Data localization laws would put a sizable dent in the operating margins of cloud tech companies, and would also present new technical challenges. One of the big advantages of cloud computing stems from the fact that data can be stored wherever efficiency dictates it should be, and adding new gates into the connection between tech companies and their users could hurt performance and reliability.

Making the world a better place?

However, the last couple of years haven’t really been banner ones for mass surveillance efforts by law enforcement agencies and big platform tech companies. Distrust of both organizations is probably at an all-time high, thanks to the Snowden revelations and the growing alarm at the amount of personal data generated on services like Facebook, Google, and other social media and internet companies that use cloud computing services.

Critics of the CLOUD Act are concerned that it allows the executive branch of the U.S. government way too much power to decide which countries it will share information with, and how, at a time when a sizable portion of the country is wary of the motives of the current executive branch. There is language in the bill that says the executive branch can only negotiate treaties with countries that adhere to human rights agreements, or demonstrate respect for due process when it comes to seeking information on their citizens, but there is no specific definition or remedy for how to determine if a country’s laws really offer things like “protection from arbitrary and unlawful interference with privacy,” as one section of the bill states.

Neema Singh Guliani, legislative counsel, ACLU (ACLU Photo)

For example, take a country like Turkey, Guliani said. A few years ago, Turkey might have been considered a country with good-enough respect for human rights, but things changed have very quickly in Turkey, and treaties are hard to rip up once they’ve been signed. The bill would also allow countries that inadvertently collect intelligence on U.S. citizens while investigating their own citizens — following laws that may or may not be consistent with U.S. law — to turn that data over to the U.S. government, without any kind of warrant process, she said.

Guliani and others believe this bill exposes individuals to abuse by law-enforcement agencies and also puts an undue burden on smaller tech companies to respond directly to requests from foreign governments. Companies like Microsoft, Amazon, and Google can throw lawyers around with the best of them, but startups operating moderately popular services don’t necessarily have the same legal budgets to draw upon should they be confronted a request for user data they believe to be excessive.

And what happens when a foreign government pressures a tech company to either give up user data or face business consequences in that country? Most tech companies at least talk the talk of being forces for good in the world, but they are massive corporations, and massive corporations tend to wind up doing things that are in the best interest of the massive corporation.

We’re voting on what?

As is fashionable in Washington D.C. in 2018, it’s quite likely the CLOUD Act will come to a vote without any hearings or public discussions about the merits of the bill, should it get attached to the omnibus bill scheduled for a vote next week. The usual chaos surrounding the possibility of a government shutdown and the general circus that has enveloped our modern edition of Congress suggests there will be little time to discuss a bill that could have wide-ranging ramifications for tech companies, their users, and surveillance efforts around the world.

President Trump addresses a joint session of Congress. (Photo Courtesy Speaker of the House of Representatives via Wikimedia Commons)

But supporters of the bill argue that without quick passage of the CLOUD Act, foreign countries will simply abandon the current system of funneling requests through the DOJ in favor of data localization laws that might likely provide fewer privacy protections than the meager ones laid in out the bill.

“In short, the United States has a time-limited moment to use its current, but perhaps fleeting, leverage as the holder of so much of the world’s data to set privacy-protective standards that foreign governments can be pushed to meet,” wrote Jennifer Daskal and Peter Swire in Lawfare this week. “Once foreign governments implement data localization mandates or find alternative ways to bypass the U.S. system, the U.S. leverage will be lost.”

Washington has never really been able to keep up with the pace of change in Silicon Valley, which has amassed immense power over the few decades in part because few legislators actually understand how technology works. Perhaps the passage of the CLOUD Act could offer forward-thinking regulators an opportunity: if we’re going to remove one set of government review of cases involving the transfer of sensitive personal data from massive tech companies to foreign governments, perhaps it is time to regulate those massive tech companies with a stronger hand.

Powered by WPeMatico

Women in Cloud Accelerator names first startups, giving access to Microsoft and HPE sales channels

Kate Isler, CEO of Daysaver

Kate Isler says her company, Daysaver, needs to start growing. Isler wants to show off her cloud-based patient scheduling software to gigantic healthcare providers — and she wants to prove to them that Daysaver can scale up fast to meet their needs.

Isler, who is Daysaver’s CEO, is hoping a new business accelerator for women-run cloud companies, offered by Microsoft and Hewlett Packard Enterprise, will plug her into new cloud technologies and big-name customers.

“I have so much opportunity but I have limited resources,” said Isler, who used to work as a marketing and advertising director for Microsoft. “To get into those larger health systems, this is exactly what I needed.”

Daysaver is one of a dozen companies participating in the Women in Cloud Accelerator, which was unveiled in January at the Women in Cloud Summit on Microsoft’s Redmond campus. The accelerator provides women-run cloud companies with training, mentorship, discounts on Microsoft and HPE services and, most significantly for Isler and other CEOs, access to both companies’ sales channels.

The program’s organizers recently announced the first class of participants. In addition to Daysaver, they are: Clever Databases, Stylyze Inc., Plantmatch LLC, RightSciences, Agile Impact Group, Bitlume Inc., Computing Kids, genneve, Automaton Marketing Inc., Red Sky, and Visual Media Group.

Gavriella Schuster, Microsoft corporate vice president for commercial partner channels and programs, left, with Carrie Francey, Hewlett Packard Enterprise vice president strategic alliances, at the inaugural Women in Cloud Summit in Redmond. (Tony Lystra Photo)

Only 20 percent of all businesses are owned by women and a mere 3 percent of VC funding goes to women-owned startups, said Chaitra Vedullapalli, one of the accelerator’s organizers and co-founder of Meylah, an e-commerce platform.

The accelerator has a simple goal: Increase the number of women-owned businesses operating in the cloud industry by giving them training and access to big customers.

In all, twenty-four companies applied to the six-month program, Vedullapalli said. Participating companies must be led by women and working to build a cloud-based revenue model.

While business incubators help nascent companies gain their footing, accelerators aim to help older, more adolescent companies thrive.

Most of the companies accepted into the Cloud Accelerator Lab are at least a year old, Vedullapalli said. Some, she said, have been in business for as much as eight years but their sales stalled and they need to tap into Microsoft’s and HPE’s distribution channels to recover.

Vedullapalli said the Cloud Accelerator Lab is different from others by providing that sales-channel access. “This one gives them access to customers in a way they never thought about,” she said.

Powered by WPeMatico

Week in Review: Most popular stories on GeekWire for the week of March 11, 2018

Get caught up on the latest technology and startup news from the past week. Here are the most popular stories on GeekWire for the week of March 11, 2018.

Sign up to receive these updates every Sunday in your inbox by subscribing to our GeekWire Weekly email newsletter.

Most popular stories on GeekWire

Powered by WPeMatico

Seattle born and raised, ‘Lode Runner Legacy’ is coming to the Nintendo Switch

Tozai Games, the Seattle-area game developer, is bringing its action-puzzle game Lode Runner Legacy, the most recent installment in the long-running Lode Runner series, to the Nintendo Switch.

When it came out on Steam last summer, Legacy was the first entry in the series in five years, and was chosen for a full-fledged release via the Steam Greenlight program. It’s an update and nod to the classic Lode Runner, where your challenge is to collect all the gold in each maze and escape, avoiding the traps and monsters along the way. You have the ability to destroy parts of the level, which you can use to delay or trap your opposition, as well as dig more treasure out of the bricks.

The game currently contains four separate modes of play, such as Classic Mode, which contains 150 levels based upon past Lode Runner games, and Puzzle Mode, which omits the enemies in each stage. You can also build a variety of your own stages and characters in Craft Mode, which lets you share your creations online and download new levels from other players.

The original Lode Runner was created in 1983 by the late Douglas Smith, who was then a student of architecture at the University of Washington. He built the game in assembly language on an Apple II, and eventually took a deal with Brøderbund to publish it on early computers like the Commodore 64. Lode Runner was a sales success, as well as one of the first games to ship with a built-in level editor, enabling players to create and share their own custom stages. Smith would go on to work on landmark games like Secret of Evermore and Secret of Mana before passing away in 2014.

Lode Runner went on to become the start of a small, long-running franchise. High-profile studios such as Hudson Soft, Irem, Psikyo, and even Nintendo released various games for arcades and consoles under the Lode Runner name, many of which were never released outside of Japan.

Lode Runner Legacy is slated to be available for digital purchase on Nintendo’s eShop this spring.

Powered by WPeMatico

Photo Of The Day By Kevin Cass

Today’s Photo Of The Day is “Lawn Dart” by Kevin Cass.
Photo By Kevin Cass

Today’s Photo Of The Day is “Lawn Dart” by Kevin Cass.

“Jack Pilot performs a Lawn Dart off an 80-foot rock in Grand Targhee Backcountry on a sunny winter morning,” describes Cass.

See more of Kevin Cass’ photography at www.kevincass.com.

Photo of the Day is chosen from various OP galleries, including AssignmentsGalleries and the OP Contests. Assignments have weekly winners that are featured on the OP website homepage, FacebookTwitter and Instagram. To get your photos in the running, all you have to do is submit them.

The post Photo Of The Day By Kevin Cass appeared first on Outdoor Photographer.

Powered by WPeMatico

How to perfect your pitch deck — according to a guy that gets a lot of pitches


One of the most critical tasks startups face, is creating a killer elevator pitch — a short, verbal description of who they are, what they do, and how they are going to succeed as a business. There are countless blog posts and listicles that have been created to guide founders through this process, but they rarely include how to get to actually get the chance to do the elevator pitch. The elevator pitch process has led to parodies on sites like the Startup Elevator Pitch Generator and “it’s like x for y” pitch roulette sites. This doesn’t mean that creating…

This story continues at The Next Web

Powered by WPeMatico

Use Facebook, Instagram and social channels to market the right way — learn how for only $29


There’s marketing. Then there’s social media marketing. And after you drill into the philosophies of both, the two appear as different as a horse and buggy parked next to a Tesla. Opinions change fast, algorithms change fast — and if you’re trying to sell a product or an idea in the online landscape of Facebook, Twitter, and their contemporaries, there’s a hyper-specialized skill set you need to possess. The Silicon Valley Digital Marketing Institute prides itself on that social media knowledge. Now, they want to give it to you with this SV Social Media course with certification, available right now…

This story continues at The Next Web

Powered by WPeMatico

We can’t allow big tech companies thwart the ‘right to remember’


The European Union recently adopted laws embodying a proposed “right to be forgotten,” to protect individuals from eternal memorialization of unfortunate past indiscretions. However, I feel it’s time to propose a complementary “right to remember,” to ensure that history cannot be erased or rewritten at the whim of those who control the systems we use to communicate, plan, and lead our lives. Recent court cases have shown that the largest, most powerful companies controlling the internet are willing to take extreme positions regarding their right to control data after it’s been made public. They abuse ambiguous, out-of-date US legislation such…

This story continues at The Next Web

Powered by WPeMatico

Secure voting, digital ID’s, and more: How blockchain could reform digital democracy


The immutability and decentralized nature of public blockchain networks, such as bitcoin and Ethereum, could allow governments to process large amounts of sensitive information on an unchangeable and transparent platform. In an exclusive interview with Binary District, Daniel Gasteiger, the co-founder of Procivis, an electronic ID solutions company built on integrated e-government platform eID+; and Patrick McCorry, a Research Associate at University College London (UCL), discussed the potential of blockchain technology in e-governance and the limitations that may restrict its applicability. Potential applications of blockchain technology in e-governance Over the last two years, several governments, including those of Brazil and…

This story continues at The Next Web

Powered by WPeMatico

Facebook will carry a health warning within five years


I predict that in five years time, Facebook will carry a health warning. Of course, this is an outrageous prediction, but watching the fiddling going on at Facebook and other online giants while their empires burn, it’s clear they must instigate significant changes before regulators impose new controls. I don’t think that Facebook will carry a health warning not because it’s particularly bad for your health, but because it’s failing to learn the lessons of the past and come up with adequate responses to criticism There are two main reasons. One, like many giant tech companies before it, it has…

This story continues at The Next Web

Powered by WPeMatico

Just another WordPress site