The FBI recently floated a proposal in Congress to require all servers that provide products to customers be located within the United States. The FBI's proposal is part of its efforts to change aspects of the
Communications Assistance for Law Enforcement Act (CALEA) to accommodate changes in technology that make wiretapping more difficult. As noted in a NetworkWorld
article , the FBI's new proposal is breathtaking in scope. Putting aside the huge boon that such a proposal would have for hosting providers, the fact that the FBI feels that it needs this type of access indicates the problems that the agency must face procuring usable data about U.S. citizens in foreign countries. Between this proposal, the
Council of Europe Convention on Cybercrime , and Attorney General Gonzales' proposal that ISP's
keep records of users , there is sure to be a significant increase in the record keeping and compliance responsibility placed on hosts.
this is frightening me.
What about the <a href="http://www.export.gov/safeHarbor/index.html">Safe Harbour statement</a> with the European Union?
This could be the dead toll for SaaS companies as well as eBusiness companies serving non-US customers.
Do you really think it could pass? I do not hope.
Especially as <a href="http://www.datacenter.lu">we</a> are making our living with colocation and hosting for non EU companies servicing EU customers ;-)
But would you do if it were the other way round?
This issue is different that the European Database Directive that is the subject of the safe harbor principles which apply only to the transmission and processing of personal data about E.U. citizens outside the E.U.
I would hope that an idea like this would be a non-starter in Congress, but who knows what will happen. I do think that this proposal, along with the others that are set out in the original post, and the recent records retention obligations imposed by the E.U. on ISPs are harbingers of things to come.
http://www.networkworld.com/news/2006/091406-fbi-w...