[discuss] Misconceptions about what "US companies" means in respect of data rights of users - and how to protect them

Norbert Bollow nb at bollow.ch
Tue Jan 14 08:35:44 UTC 2014

Nick Ashton-Hart <nashton at ccianet.org> wrote:

> 1) The way US law works, any company - regardless of where it is
> based or operates - is subject to the US' laws on national security
> once it has "legal nexus" with the US - which can be created by all
> kinds of events, but to be simple, even one person employed there in
> any subsidiary - even one that isn't wholly owned - is good enough.

Consequently, pretty much all international Internet traffic transits
infrastructure that is controlled by companies that are (according to
the perspective of the US legal system, and also in practical reality)
subject to US law.

This issue is compounded by the fact that the US legal system does not
recognize non-US persons as having any fundamental rights in regard to
privacy, and is conducting massive, massively dangerous global
surveillance on this basis, especially in relation to information about
who communicates with whom, which (at least in the context of the
Internet's current technical architecture) cannot be easily protected
by technical means that do not introduce significant inconveniences. 


More information about the discuss mailing list