Slashdot stories can be listened to in audio form via an RSS feed, as read by our own robotic overlord.

 



Forgot your password?
typodupeerror
Canada Cloud Privacy Your Rights Online

Canada Quietly Offering Sanctuary To Data From the US 184

Posted by Unknown Lamer
from the privacy-and-poutine-eh dept.
davecb writes "The Toronto Star's lead article today is Canada courting U.S. web giants in wake of NSA spy scandal, an effort to convince them their customer data is safer here. This follows related moves like Cisco moving R&D to Toronto. Industry Canada will neither confirm nor deny that European and U.S. companies are negotiating to move confidential data away from the U.S. This critically depends on recent blocking legislation to get around cases like U.S. v. Bank of Nova Scotia, where U.S. courts 'extradited' Canadian bank records to the U.S. Contrary to Canadian law, you understand ..."
This discussion has been archived. No new comments can be posted.

Canada Quietly Offering Sanctuary To Data From the US

Comments Filter:
  • by Anonymous Coward on Thursday January 09, 2014 @10:50AM (#45906869)

    They've been doing intelligence cooperation with the US for ages, why would they be any more trustworthy?

    • by scamper_22 (1073470) on Thursday January 09, 2014 @12:31PM (#45907953)

      As a Canadian, I always find our ability to blame everything on America quite interesting.

      Anything that is not some liberal utopian ideal is BECAUSE AMERICA.

      We talk about drug laws in Canada... and it's those damn Americans who force us into the war on drugs. Of course Canada's history isn't full of old conservative white folks who feared Chinese workers and their opium.

      We talk about sexuality and its the damn American influence that prevents us from being a nudist paradise.
      We don't have any history of conservatism or banning Madonna for too much sexuality. All that must come from the US.

      We talk of wars and it's always those damn Americans and their war machine. No hint of Canada's history of war.

      And yes, when it comes to spying or betraying its own citizens... it's always those darn Americans. Canada didn't have anything to do with Japanese internment because Canada has human rights. The US doesn't. Canada has never had to spy on its citizens. Surely Canada didn't spy on the various Quebec separatist movement historically.

      At the end of the day, it's as if people don't realize that historically Canada and the USA are very similar. Both led by old Europeans. Sure there are differences. And much has changed post WW2. But still remarkably the same.

      • We talk about sexuality and its the damn American influence that prevents us from being a nudist paradise.

        I thought that was because your country is one of the few places that is colder than the state I live in, that and horse flies.

  • Meaningless (Score:5, Insightful)

    by dreamchaser (49529) on Thursday January 09, 2014 @10:51AM (#45906879) Homepage Journal

    This is completely meaningless as long as any data has to traverse any network in the US. For that matter, I highly doubt that Canada or any other US ally won't actually cooperate with the NSA. This is nothing but a marketing move on Canada's part.

    • This is completely meaningless as long as any data has to traverse any network in the US.

      If I am exchanging data between Canada and any other place but the US, why would it traverse the US? If these companies want to do business with the rest of the world without being spied on by US agencies, being outside the US is a good place to start.

      Whether that alone is enough is questionable, but it's a start and certainly not meaningless.

      • by davecb (6526)
        Canada has a number of links that carefully don't pass through the US. A somewhat obvious case is the link to Cuba (;-)) That particular one started out as a 9600 baud satphone kludge between Memorial U in Newfoundland and a Cuban university.
      • Re: (Score:2, Informative)

        by Anonymous Coward

        If I am exchanging data between Canada and any other place but the US, why would it traverse the US?

        Because of the way the internet works.

        The shortest, fastest network connection between two points isn't always geographically the shortest.

        A connection between a computer in Montreal and a computer in Toronto might transit a network in New York or Chicago, because those pipes are bigger, faster & cheaper.

        Although, given the Snowden leaks, there may be increased interest in routing internet traffic within

    • Re:Meaningless (Score:4, Insightful)

      by Charliemopps (1157495) on Thursday January 09, 2014 @11:08AM (#45907025)

      Its all about the perception of their customers. US territory is tainted in the eyes of the world now.

      • by djmurdoch (306849)

        US territory is tainted in the eyes of the world now.

        That's the main point. The article is about Canada trying to convince companies to move, but it's pretty unlikely that Canada is the only country doing that.

    • by a1cypher (619776)

      Also, as mentioned in the original post, companies like Cisco are considering moving their R&D to Canada where they will not be forced to include backdoors for the NSA. As someone whose main business is networking gear, I can see this as being a big selling feature to Cisco.

      Whether the actual data that is routed through the US is safe or not doesnt matter as much as being able to assure your customers that your devices dont contain NSA backdoors.

      • by ahodgson (74077)

        As long as the execs live in the US, the company will do whatever .gov wants them to do.

      • by tlhIngan (30335)

        Also, as mentioned in the original post, companies like Cisco are considering moving their R&D to Canada where they will not be forced to include backdoors for the NSA. As someone whose main business is networking gear, I can see this as being a big selling feature to Cisco.

        Actually, that's just the image they want to project.

        The real reason why companies have development centres in Canada is simple - it's a LOT easier to get work visas and such in Canada! And there's a bunch of times when particular pe

      • Also, as mentioned in the original post, companies like Cisco are considering moving their R&D to Canada where they will not be forced to include backdoors for the NSA. As someone whose main business is networking gear, I can see this as being a big selling feature to Cisco.

        Whether the actual data that is routed through the US is safe or not doesnt matter as much as being able to assure your customers that your devices dont contain NSA backdoors.

        Cisco is a US company. It's bank accounts are in the US. A lot of it's people are in the US. It's customers are all in the US. If the NSA has the juice to force Cisco to implement a back-door then it doesn't matter where the routers are designed, the backdoor will be implemented.

        I believe there have actually been cases where banks tried to conceal their Canadian customers data because Canadian law said that was their duty, but the US got it anyway because they had bank accounts on this side of the border th

  • by robot_love (1089921) on Thursday January 09, 2014 @10:52AM (#45906887)

    Our banks will release all personal information to US law enforcement, even though this directly contravenes our Constitution.

    http://www.cbc.ca/news/politics/canadian-banks-to-be-compelled-to-share-clients-info-with-u-s-1.2437975 [www.cbc.ca]

    • by MrKevvy (85565) on Thursday January 09, 2014 @11:07AM (#45907013)

      Canada also assisted the NSA in spying [www.cbc.ca] including spying on attendees at the G20 summit in Toronto in 2010.

      As this is common knowledge, I'm skeptical that any entity would trust Canada more than the U.S. with its confidential data. I certainly wouldn't.

    • I guess the question is, will Canada's citizens be more likely than US citizens to demand that their rights be upheld? Honest question: I know the likelihood of the US getting rid of the NSA is low. And 9/11 didn't happen directly to you guys. Not that one freak incident justifies 15 years of cowardice, but plenty of US citizens and politicians seem to think it does.
    • It doesn't have to be true, just marketable. This is about winning customers. Ruin the marketability of that statement and you ruin their stupid attempt at a false sense of security and then maybe we can move on to an actual solution. If people have faith in this, it derails true security.
  • by More Trouble (211162) on Thursday January 09, 2014 @10:54AM (#45906909)

    The NSA et al are (legally) *more* restricted in the US than abroad. While there might be congressional hearings & other hand wringing about what the NSA does in the US, foreign countries are a cyber free fire zone. Information superiority is the goal, and the NSA has huge fire power ATM.

    • Re:Crazy (Score:4, Informative)

      by Nerdfest (867930) on Thursday January 09, 2014 @11:15AM (#45907083)

      In other countries they must actually do 'spying' though, as opposed to just forcing companies to hand over data under threat.

      • by davecb (6526)
        They're trying to remove that restriction: in part because Canada objected to decisions like U.S. vs Bank of Nova Scotia, the US Internal Revenue service got a law passed requiring any bank doing business in the 'States to report on their US customers to the IRS. Canada Revenue seems to have rolled over, while the banks are doing things like warning US citizens that if they create an account they will be reported to the US taxman by the Canadian one.
  • by couchslug (175151) on Thursday January 09, 2014 @10:55AM (#45906919)

    Security is an illusion people will pay for, so why not make a profit?

  • It seems we Canadians were playing lapdog to all this nonsense; so why would anyone send their data here. It also seems that the Canadian government is perfectly happy to send Canadian data and its citizens to face US justice. I was proud of Canada's history of protecting draft dodgers; but then we sent an Iraq dodger back and my pride died that day. Then Mark Emery thrown to the wolves by the Canadian government, and recently the Canadian government has begun sending all sorts of bank records south.

    So if
  • I thought most Canadian traffic is routed through Chicago or New York...
  • US companies shouldn't be able to shirk tax laws just by going to an overseas bank. This posits a false dichotomoy, where either you're in favor of the NSA, or you think multi-national companies should be able to avoid laws and regulations they don't like by doing all their extra-legal business in Canada or the Cayman islands or where tax laws/regulations are most convenient.

    • by Grishnakh (216268)

      US companies shouldn't be able to shirk tax laws just by going to an overseas bank.

      Yes, they should. It's up to the US government's law enforcement arms to enforce tax laws within its own borders; foreigners have no obligation to help them enforce their laws. If a company is located within a country, it's pretty hard for them to move money outside the country in a way that's impossible to monitor for authorities inside that country. If the company is getting some kind of tax break by moving the money out

      • The companies don't just transfer money from one bank account to another...it's way more complicated. One way is to pay an offshore subsidiary huge amounts of money for relatively little actual work. They can then call that a "cost" in the USA and reduce taxes owing, then show the profits in another country with lower taxes.

        • by Grishnakh (216268)

          One way is to pay an offshore subsidiary huge amounts of money for relatively little actual work. They can then call that a "cost" in the USA and reduce taxes owing, then show the profits in another country with lower taxes.

          Again, these seems like a failure of the US (or any national government in the same position) to create decent laws to regulate this sort of thing. One obvious easy fix is to simply disallow companies from owning offshore subsidiaries or being multinational. Another would be to heavil

  • by Anonymous Coward on Thursday January 09, 2014 @11:02AM (#45906981)

    That court case did nothing of the sort - it was a court case against a local US bank subsidiary asking for records of other subsidiaries in the Bahamas and Cayman Islands.

    The real problem is the coming US FATCA law: http://en.wikipedia.org/wiki/Foreign_Account_Tax_Compliance_Act [wikipedia.org]

    This US law requires foreign banks to provide information about accounts held by Americans, or ELSE.

    Canada is not generally regarded as a tax haven - there is no bank secrecy here, no secret corporate ownership and Canada isn't a low-tax jurisdiction. Our taxes are higher than most of the USA.

    There is a Canada-US tax treaty, and generally speaking US citizens living in Canada don't have to pay tax to the USA since they get an IRS deduction for the taxes they pay to Canada (they don't get taxed twice on the same income).

    Under US law, all US citizens have to file with the IRS every year, even if they live in a foreign country and owe nothing in taxes.

    However, for a Canadian bank to provide information about US customers to the IRS (absent a crime or court order) violates Canadian privacy law. So Canadian banks are in a very difficult position:

    - comply with FATCA and break Canadian law
    - get permission from their US customers to hand over info to the IRS
    - don't do business with US citizens living in Canada (of which there are about a million)

    • by pla (258480)
      - comply with FATCA and break Canadian law
      - get permission from their US customers to hand over info to the IRS
      - don't do business with US citizens living in Canada (of which there are about a million)


      I fail to see how that puts the banks in a difficult situation. Canadian banks have no obligation to comply with US law; they do, however, have an obligation to comply with Canadian law.

      The burden of compliance here rests entirely on those US citizens storing money in Canada. The Canadian banks simply
      • The banks do business in the USA. If the Canadian side didn't cooperate, then the American side would presumably be targeted by the government.

        • Clearly, the solution is for the rest of the world to stop doing business with the United States.

          And as a US citizen, I urge you to please do it! The Federal government is no longer under citizen control; a worldwide embargo might be the only thing left that could stop it from continuing to run amok.

      • by compro01 (777531)

        Canadian banks have no obligation to comply with US law

        They do if they operate in the USA. I know RBC does.

    • To be precise, the case was one in which the US required the Bank of Nova Scotia's subsidiary in the US to duplicate records from the Cayman Islands, contrary to the laws of the Caymans and also of Canada, where the Bank is chartered. That's why I put quotes around the "extradited" (;-))

      If the records were already in the 'States, there wouldn't have been reason for the Bank to object to a subpoena from a US grand jury.

      Returning to your post, FATCA is indeed a problem, and IMHO is a US response to tight

    • by Maow (620678)

      That court case did nothing of the sort - it was a court case against a local US bank subsidiary asking for records of other subsidiaries in the Bahamas and Cayman Islands.

      I came in here to address this issue.

      An interesting quote (emphasis mine) from the linked-to case:

      The nationality of the Bank is Canadian, but its presence is pervasive in the United States.[18] The Bank has voluntarily elected to do business in numerous foreign host countries and has accepted the incidental risk of occasional inconsistent governmental actions. It cannot expect to avail itself of the benefits of doing business here without accepting the concomitant obligations. As the Second Circuit noted

  • Don't large corporations control congress? Don't congress members want to stay in the good graces of corporations so they continue to get campaign donations and board positions upon retirement from public service?

    Why aren't large corporations pressuring congress to reign in the NSA?

    Who's holding the puppet strings?
    • by dkleinsc (563838)

      What does the corruption of the US Congress have to do with the marketing decisions of Canada's Prime Minister? One thing Canada is quite clear on: They aren't the US, and never will be.

    • by whoever57 (658626)

      Why aren't large corporations pressuring congress to reign in the NSA?

      Amongst those "large corporations" are companies that are suppliers to the NSA (people, equipment, etc.) and they have better contacts within Congress than the Silicon Valley companies that suffer due to the NSA's activities.

    • by davecb (6526)
      They're voting with their feet. That tends to make their complaints look fairly serious to the US congress.
      • They're bitching about voting with their feet, but that doesn't make it a credible threat. Business is always bitching about something.

        The problem Silicon Valley has is there's nowhere to go, and even if they leave they still have to obey US Laws or lose the US Market. And by "US Market" I don't just mean customers in the US. I mean suppliers in the US, US banks, etc. Canadian banks [www.cbc.ca] were just ordered to a) violate Canadian privacy laws by collecting data on precisely which of their customers is a US citizen

  • by alexhs (877055) on Thursday January 09, 2014 @11:11AM (#45907045) Homepage Journal

    American citizens, come and host your data on canadian soil !
    Therefore, it will technically be foreign data.
    Therefore, the NSA will be able to spy on it without trespassing any law regulating spying on its own citizens.
    Thanks for your cooperation.

  • by nimbius (983462) on Thursday January 09, 2014 @11:19AM (#45907115) Homepage
    The argument is premised on the idea that Americas largest multinational corporations are somehow so divorced from the legislative and governance process of the United States as to need to seek asylum in a foreign country.

    companies only care about customer data if consumer market research data indicates negative shifts in earnings as a result of their inability to assauage customers of the validity, sanctity and security of their data. A prime example is the Target scandal recently. the cost to shore up security was probably much greater than the cost to issue apologies in the media. Target further mitigated the impact by using weasel words like "may have" or "possibly" when describing the outcome of their data breech. This in turn led the financial companies beholden to the cardholders to issue, of course, similar statements with a key advisory to "watch" your credit card, not to replace it which while effective would have been vastly more expensive for the financial company.

    when companies face any real backlash from their customers, they legislate their way around it through the appropriate channels. AT&T demanded immunity from Bush wiretapping and received it. had they cared about your data, they would have fought the government to eliminate warrantless surveillance of this kind. But the law is ever on their side as they are the ones who craft it. Verizon lobbied extensively for stricter laws protecting arbitration clauses. They did it in response to a string of class action lawsuits related to overbilling customers. had they cared about the letter of the law, they would have made major changes and improvements to their billing system that prevented the plaintiffs from suffering the ridiculous mischarges in the first place.
    • Re: (Score:2, Funny)

      by Anonymous Coward

      If you think that sucks, did you know there's an entire political party organized around the belief that companies won't screw their customers as long as there are no regulations and laws which require bribing legislators to get around? Who'd have thought that removing those laws and regulations without any need to bribe anybody would have the opposite effect removing them on pain of bribe would have.

  • No secret that the NSA works with Canada, New Zealand, UK and Australia on ECHELON so anything in those jurisdictions is easily subject to acquisition. Equally easy would be any jurisdiction in Commonwealth countries or countries that are desiring entry into the Commonwealth who would allow this on their soil just to curry favor with the UK.
  • by sl4shd0rk (755837) on Thursday January 09, 2014 @11:22AM (#45907151)

    What makes you think a hacked Cisco border router plugged into the Internet is any more secure in Canada? It's just a couple more hops, that is all.

    • by zlives (2009072)

      the "thought" is that Cisco was being forced to write compromised code...

      • by Anomalyst (742352)

        the "thought" is that Cisco was being forced to write compromised code...

        far more likely they offered Pakastani pre-comprimised code as an "upgrade" option for 30% off their uneasonable retail price to all government agencies

  • If you really care about keeping that data confidential, keep it in your own computers! If a government agency wants it, at least then you'll probably find out.

  • Five Eyes (Score:2, Informative)

    by Anonymous Coward

    https://en.wikipedia.org/wiki/UKUSA [wikipedia.org]

    Spoiler alert: Canada is one of them.

  • by vux984 (928602) on Thursday January 09, 2014 @11:32AM (#45907267)

    Its an interesting catch22; moving the data out of the US theorectically elevates the legitimacy of any NSA attack on it, since its now a legitimate attack on 'foreign signals'.

    On the other hand thanks to the rampant domestic abuse, and undermining of local legal protection, at least moving it outside the country requires the NSA actually attack it rather than just help themselves.

    All that is assuming the Canadian's won't be complict sharing the data; but to my knowledge at least, that would still require somebody attack it as Canada doesn't seem to have quite the same degree of "give us your all data, don't tell anyone you are doing it, because: national security".

    Is it a marketing move? Absolutely.

    But it does still have some real impact; and really if you want the US to change its habits, an economic angle is really the best way to get their attention.

  • Somebody didn't bother reading his own link. There, information was requested from the American branch of a Canadian bank, seeking information about American customers where the files resided in the Caymans.

  • by BUL2294 (1081735) on Thursday January 09, 2014 @12:14PM (#45907757)
    So unless Google, Facebook, and the like are no longer going to be US-based companies (which I doubt will happen, especially given that they are publicly traded), and decide to shut down all operations in the US, things like the Patriot Act & wiretapping laws would still compel these companies to hand over data, despite the data center sitting on Canadian soil--or anywhere else in the world... Remember that Microsoft refused to answer questions about whether law enforcement had backdoors into Skype calls, after M$ picked up Skype. Pre-takeover, when Skype was an Estonian company, US-required backdoors didn't exist & couldn't be compelled, so the NSA had to hack to get the data...
  • Our rights are slowly being eroded thanks to Harper. The actual government won't be happy until we are a police state.

  • by Virtucon (127420) on Thursday January 09, 2014 @12:41PM (#45908049)

    Yeah, that won't work for example: Hushmail folded like a house of cards. [theregister.co.uk]

  • They'll just let the NSA know that the national password is 'bacon' and it's back to spying as usual.

  • Unfortunately, Canada is just as bad [theglobeandmail.com]. This would be especially true if you were a US citizen. They claim to go through "great pains to anonymize domestic communications" (which is likely not true) making all foreign (ie. US) communications fair game.

    Canada will also never refuse an extradition request [marianopolis.edu] to the US, or any of it's allies. A special circumstance is made for "political refugees" but I'd be completely surprised if some bullshit trumped up terrorism charges couldn't override that.

    So, US compani
  • The US Constitution - as you no doubt have figured out by now - doesn't.

  • Really, who is dumb enough to trust a country that's right in there with the US and is part of the 5 eyes group. Typical Canada, it pretends it's the nice guy but it's just as bad as anyone else.
  • LOL!

    Actually read the article. Which basically says that the NSA stuff with Snowden has made the perception of the US and privacy bad for cloud hosted services.

    Canada better privacy laws and...
    skilled workforce,
    COLD CLIMATE
    relatively cheap sources of electricity,

    make it ideal for companies to relocate data centers dedicated to cloud services to Canada.

    Heh, I suppose with the Cold Climate it would make cooling the data center less of an issue... :) Anyway made me laugh a bit. Though executives might not want

Loose bits sink chips.

Working...