Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
Microsoft Cloud United States

Microsoft Putting Servers In Germany To Keep User Data Away From US Intelligence (techcrunch.com) 173

An anonymous reader writes: Ever since the Snowden leaks, people and businesses in foreign countries have been wary about hosting sensitive data on U.S. soil for fear intelligence agencies would be able to comb through it at their leisure. Microsoft has announced a plan to combat those worries, saying they will host infrastructure for Azure, Office 365, and Dynamics CRM at data centers in Germany. In addition, the data centers themselves will not be run by Microsoft, but by a subsidiary of Deutsche Telekom, which eliminates more legal avenues for U.S. agencies to access the data stored there. "The two data centers will be based in Magdeburg and Frankfurt am Main, with Microsoft stressing this 'data trustee' model means it will not have any access to customer data without the consent of the trustee, and that it cannot therefore be compelled — 'even by a third party' — to hand over customer data."
This discussion has been archived. No new comments can be posted.

Microsoft Putting Servers In Germany To Keep User Data Away From US Intelligence

Comments Filter:
  • by Anonymous Coward on Wednesday November 11, 2015 @10:51AM (#50908203)

    This just in... German authorities access data on behalf of USA in accordance with intel sharing agreements.

    • Re: (Score:3, Informative)

      by EmagGeek ( 574360 )

      Don't pay much attention to the news, do you?

      https://www.rt.com/news/256729... [rt.com]

      • by Anonymous Coward on Wednesday November 11, 2015 @11:17AM (#50908335)

        Don't pay much attention to the news, do you?

        https://www.rt.com/news/256729... [rt.com]

        Oh, we've been paying attention. Question is, how much of these "anti" monitoring actions being taken are we supposed to believe are legitimate?

        Hmmm, look what I found in TFA:

        "However, the BND will continue to garner telephone calls and fax messages for Washington as this service falls under a different agreement."

        So, requests merely hitting the BND in a different fucking format are a loophole big enough to drive a fleet of Mack trucks through. Gee, why am I not fucking surprised...

        Behind our backs is where they've been illegally operating for years. Why the hell ignorant citizens of any country think governments will actually grow ethics and morals out of this is beyond even common sense.

        • Because there is a balance now between the private billionaire's world and the govs, and at its core lies yours and everyone else's information. All these "laws" are simply there because people can't handle the truth. It's a bunch of well known super heroes and their HQs up in the Western world and Germany is no different. Here's the positive side, we're all safe because everyone's naked. The negative side, some of the naked people are 30 feet tall and they're happy to see you.
      • From a Russian state-funded news site....nice source there Zippy...
    • This just in... German Federal Intelligence Service will now access Microsoft data on behalf of the Federal Intelligence Service.

      Kids, do yourselves a favor: Keep your own data in your own posession instead, ok? To hell with 'The Cloud', it's for chumps.
  • The US are already spying on Germany.

    http://edition.cnn.com/2015/07... [cnn.com]

    • by wiggles ( 30088 )

      And Germany on the US. Even the best of friends keep tabs on each other in global espionage circles.

      Keep your friends close....

  • by clickety6 ( 141178 ) on Wednesday November 11, 2015 @10:55AM (#50908233)
    From Wikipedia: "The Dagger Complex is a US military base in Darmstadt (Germany), close to Griesheim [about 20km south of Frankfurt am Main]. [...] The complex is operated by the United States Army Intelligence and Security Command (INSCOM) on behalf of the U.S. National Security Agency (NSA). Building 4373 within the complex houses the NSA's European Cryptologic Center (ECC), the agency's principal SIGINT processing, analysis and reporting center in Germany."
    • by dave420 ( 699308 )

      I doubt that has anything to do with it - Frankfurt am Main is Germany's financial hub, which would explain why the NSA would like to have its "we only spy on terrorists, not financial stuffsz!111 honest!" located nearby. Microsoft is most likely there because of its location - as home to the aforementioned financial institutions, it has excellent connectivity.

    • Well spotted.

      So to summerise

      There is now to much data to spy on by sending it all over the Atlantic.

      So the are moving the spy center to Germany. ..

      And telling us its to keep our data safe from the nsa.

      Sorry Microsoft, google and friends. Still not going to put anything of value on your hardware. Your cloud business model is still broken.

    • by LWATCDR ( 28044 )

      For the NSA to spy on a data center in Germany run by a German company is totally legal under US laws and by having a German company run it Microsoft is totally off the hook.

  • by Anonymous Coward on Wednesday November 11, 2015 @10:57AM (#50908245)

    it cannot therefore be compelled — 'even by a third party' — to hand over customer data.

    They might not be able to hand over the data, but I imagine they could still be found in contempt for not doing so.

    Judge: "Hand over the data."
    Microsoft: "We are physically incapable of doing so."
    Judge: "Not my problem."

    • by Sique ( 173459 ) on Wednesday November 11, 2015 @04:38PM (#50910705) Homepage
      Actually, it is the judge's problem.

      What Microsoft created here is a "plausible deniability". They are neither the owner nor the operator of the computers. So if the judge argues that the data is stored on the german servers, Microsoft can say that they asked their german service provider, but the german service provider refused (rightfully, as Deutsche Telekom is incorporated in Germany and subject to german laws), and thus Microsoft simply can't answer the judge's request.

  • NSA Loophole (Score:5, Insightful)

    by Anonymous Coward on Wednesday November 11, 2015 @11:04AM (#50908277)

    So, every communication and bit of data is stored on a German server by a German company?

    This is a great win for the National Security Agenty in the United States.

    The NSA is not "legally" allowed to spy on USA Citizens. Great Briton and other countries have similar laws about their own citizens (for now.)

    But a German company and its servers are German not American. So the NSA is perfectly in the right to hack, intercept or interrupt those severs in the interest of national security.

    Sure, the current USA government can't publicly compel the release of USA citizens, but everything else is now on the table once your data is communicated to or kept by a non-citizen.

    The only question now is: is Microsoft Word the format of choice for foreign terrorists? It's currently the standard for corporate ones.

    • The legality of illegal spying is not the point.

      The point is keeping data out of reach of warrants.

      • by Agripa ( 139780 )

        The legality of illegal spying is not the point.

        The point is keeping data out of reach of warrants.

        The legality of the spying is the point now and the warrant requirements are not because the NSA and other intelligence agencies now share data with law enforcement for the purposes of prosecution.

        • I don't know what that means, but the point is stated in TFS and TFA:

          Microsoft is working to make warrants served on Microsoft impotent by way of, "Oh, sorry. You'll have to take your silly-ass problem down the hall because we are the party responsible for the creation of data, but we are not the custodians of the data. We do have a Keurig 2.0 and some adorable K-cups if you like, and the restroom is the first door on your right."

    • Microsoft is unlikely to keep the NSA out of its data. It can keep it out of civil suits and the like, and that may be the intention.

      The NSA is really mostly harmless to US citizens, compared to other organizations that might want such data.

    • by AHuxley ( 892839 )
      The Germans will also have a huge way in for the BND and Federal Office for the Protection of the Constitution
      Add in the five eye nations too via the NSA, GCHQ.
  • by Anonymous Coward

    Snowden's documents revealed that there's often close cooperation between the german intelligence and the NSA. So this legal arrangement might protect your data from a US court order, but not from the NSA. In general, the only jurisdictions that are unlikely to cooperate with the US intelligence are those of US adversaries, like Russia or China.

    The only western country that has refused to cooperate with american intelligence and LEAs multiple times is... Vatican City. However, it's too artistically wonderfu

  • I have a hard time accepting that Microsoft is actually trying to keep data from any government. Putting a database in Germany that will be managed by German a communications company may make data collection easier for both governments while providing Microsoft the opportunity to claim security.
  • Put the datacenters in Hollywood.

  • Not smart (Score:2, Informative)

    by gatkinso ( 15975 )

    The NSA is allowed to spy on foreign entities. That is their mission.

    Soon, they will be barred from spying on US assets.

    However in reality - they will continue to spy on everyone and everything.

    • by Malc ( 1751 )

      So which do you think the NSA prefer: spying on German citizen's data in a US data centre, or spying on German citizen's data in a German data centre?

  • by Sibko ( 1036168 ) on Wednesday November 11, 2015 @11:42AM (#50908513)
    To me, it just seems like Microsoft wants to look like they're trying to protect data from the US government's snooping, rather than actually working to protect data from US government snooping.

    Germany is one of the last places I'd go to escape US intelligence agencies. Microsoft would've been more believable if they'd partnered up with relatively neutral parties like Iceland or Switzerland.
    • by AHuxley ( 892839 )
      More from US courts or been seen in US courts in public having to hand over US collected data on Germans because a German used a US band.
      This method will put collection back to the clandestine services and away from public US courts with laws searching for any data stored on a US bands products globally.
    • by quax ( 19371 )

      It's just that, a smart business move. The German market is the largest in Europe and the most sensitive to this issue. This is about revenue protection. Nothing less, nothing more.

  • Hmm... (Score:5, Insightful)

    by EmeraldBot ( 3513925 ) on Wednesday November 11, 2015 @11:48AM (#50908555)

    The idea that they're trying is using technical measures to keep the CIA and friends out, and the legal protection to stave off warrents. It's a decent idea when you think about it - it's not bulletproof, but a step up from existing measures. Furthermore, it makes it more illegal - going after an American on foreign land isn't domestic surveillance and it's not foreign surveillance either, making it harder to justify, and as such hopefully making whoever approves this crap more worried about the potential reprecussions. And that I think is the real purpose of this: not to make users immune to the intrusion, but simply to make it more difficult. I don't mind a fight being up, even if it is yet to be determined how effective it is.

    Who thought we'd ever see a big corporation use a loophole for the benefit of its customers? I almost want to say that's what really scares me, if bribery didn't work.

    • by AmiMoJo ( 196126 )

      This isn't designed to keep the NSA out. As you say, technical measures won't help, and realistically they will carry on spying on Americans no matter what so there is no point hoping that comes to an end soon.

      This is designed to keep the FBI and other less clandestine elements of the US government out. The FBI usually have to reveal where data came from in court, and if they hacked it then the case gets thrown out because it could easily have been tampered with. So they put in legal requests demanding that

      • Microsoft is just following the lead of Google and Apple by making it impossible to comply with such requests.

        What have Google and Apple done to make it impossible to comply with legal requests?

  • This is to allow MS to continue to collect data on European customers without running afoul of the recent EU slam of 'Safe Harbor'.

    Marketing spin turns this into "We are protecting you from spies" bullshit.

    • by tnk1 ( 899206 )

      Safe Harbor will be resolved in six months and we'll be back to where it was, with maybe a few changes.

      This is probably just something they were going to do anyway, and decided it was a good time to make a big deal out of it for PR purposes. Many customers wanted their stuff in the EU even before the Safe Harbor debacle.

      • Safe Harbor will be resolved in six months and we'll be back to where it was, with maybe a few changes.

        I'm not so sure about that. European governments have two big reasons for wanting data and data centers to come home to Europe: (1) it brings IT jobs back into their countries, IT jobs they have been unable to create through competition, and (2) it makes it much easier for European governments to spy on their own citizens; as long as it's the NSA spying on this data, European access to it is quite limited.

        • by tnk1 ( 899206 )

          Speaking as someone who has European data in the US, we simply cannot afford to hire more Operations staff in the EU to look at EU data. A lot of businesses are in the same boat.

          You might suggest that some local EU business might therefore eat our lunch, but honestly I don't know any company in the EU that does what we do.

          They'll resolve it because it is a serious impediment to business and a lot of businesses also don't want to up and switch providers or force their providers to have to open EU subsidiari

          • We'd simply withdraw our product from EU states first.

            Yes, and think about the effects of that.

            Big US companies can afford to hire European IT staff, so to them, that eliminates a competitor. I think most of them aren't trying to actively use these issues to kill competition, but they aren't going to spend a lot of money to lobby on your behalf, and they themselves don't care.

            European IT companies, big and small, also face one fewer US competitor. They are certainly going to lobby their government for prot

  • As government expands the economy and jobs disappear.

    Just one more data point ...
  • Translation: German intelligence is miffed that it is hard to spy on Germany citizens when their data sits on a US server; therefore, the German government pressures companies like Microsoft to move their servers to Germany, where the German government can spy on them much more easily. Having the servers in Germany not only makes it technically much easier to spy on users, it also allows the German police and spy agencies to demand data and issue gag orders, or even seize physical hardware if need be.

    Will t

    • by prefec2 ( 875483 )

      Don't worry the BND is actually only a branch of NSA, they spy for the US on everyone including German diplomats.

  • ... jobs to move offshore.

  • Hosting with Deutsche Telekom is really safe.
    As soon as somebody accesses the data, they'll have their high-speed quota maxed out in an instant and their bandwidth reduced to a agonising 200 baud trickle.
    I expect most people to give up accessing your data before they can get anything meaningful.

  • by stereoroid ( 234317 ) on Wednesday November 11, 2015 @01:22PM (#50909265) Homepage Journal
    Yesterday M$ announced major data centre expansions in those countries, for Azure, DynamicCRM and other cloud offerings (link [irishtimes.com]. I imagine the lower corporate tax rates had something to do with it!
  • if data cannot be legally obtained.
    Of course it won't do anything about ELINT.
  • If you're worried about the NSA, this won't do a bit of good. If, however, you're worried about the DOJ, this may be an adequate defense. Which means that it's likely to be a safe place to hide corporate shenanigans, but not something the intelligence agencies are interested in.

    So who benefits?

  • They saw the breakup between Germany and the CIA

  • It seems more like they're building data centres in Germany because it makes it much easier to serve Europe from inside Europe.
    I doubt they'll be storing any USA customer data there.

    Maybe also because Europe frowns upon American companies shipping European customer data off to the USA.

    • They already have data centres in Europe, however they directly own them through there own subsidiary's, unfortunately the US government don't recognize borders or international laws or other countries laws. These new datacenters "should" be out of the US governments "supposedly" legal reach.
  • Encrypt, then stripe the data across countries so you need cooperation from everyone to get anything (;-))
  • A German company will be operating the data center, but Microsoft will still be writing and presumably operating the software.
    Or are they making an Office 365 install like running Apache and any ol' ISP can run a copy?

    In a world where any computer can talk to any other computer, the physical location of the small bits of wire and magnets holding your data isn't the most important thing to worry about.

    • In a world where any computer can talk to any other computer,

      Which world is that? In the world I live in, you still need to plug bits of copper into contact with each other, or accelerate electrons in an antenna in a specific pattern, in order to get computer to talk unto computer. If you choose to NOT connect that cable, or to switch on the software that controls that antenna (if the electronics are actually installed in your computer, and if there is a corresponding antenna elsewhere in your building) the

Never buy from a rich salesman. -- Goldenstern