We had PII on Azure. We wanted to do business in France. We had to fork our services, and run a full stack on a crappy provider in France. They charged a lot more, would take weeks of vacation with zero support for us. It was a freaking nightmare.
EDIT: I love the responses I'm getting. People are in absolute denial that this does in fact fragment the internet. You may believe that's a good thing, and that's a rational discussion we can have. But don't lie to yourself, or to me, that this doesn't fragment the internet.
We didn't fork our code, we forked our services. We ran everything on Azure. Then we had to configure our kiosk devices to either talk to Azure, or to talk to our servers in France.
"Did you write your service to use proprietary Azure APIs without regard to vendor lock-in? Why not take this as an opportunity"
I'm sorry, do you have any idea of the cost of doing these things?
If you have 6 developers, total, how many of them are you willing to allocate to rewriting your stack, so that you can sell your product in Europe?
Oh indeed yes, which is why for years now I've been warning people to not write to proprietary APIs in the first place. It's a faustian bargain and sooner or later the bill is going to come due! If not because of legal requirements, then because MS or Amazon saturates the market, and has to increase revenue somehow. This is an example of where an ounce of prevention is worth a pound of cure. The upshot is that ignoring the warnings of people like me was a mistake.
(It's funny how people have moaned for years about "vendor lock-in" WRT Oracle. "They charge for every core!" But the cloud providers charge for every invocation, which is infinitely worse. And yet no-one seems to worry about it. It's really odd.)
Nothing comparable to AWS/GCP/Azure.
The colo/managed provider they chose and had been working with for years was nigh incompetent. I was positive that being able to spin up infra in any of the clouds would have been a ton more reliable.
Imposing byzantine regulations on every webmaster on the planet isn't helping anyone, least of all the European user, who will increasingly be locked out from the rest of the planet.
I see very little advantages from these privacy laws but I use and appreciate US businesses every day.
Lots of loaded assumptions there, of course, starting with the first conditional clause.
It's not fragmenting the internet; fragmentation is the whole point of the internet. It's (re-)decentralizing something that has been decentralized the whole time, until these gluttonous whales decided try to eat the whole pie.
And you're convinced that embodies "the whole point of the internet"?
Decentralization of the cloud is a good thing for so many reasons. I think you're deliberately confusing it with your PII issues and not grasping the larger picture.
Heh. Somethings tells me a devops engineer in France has way better work-life balance.
So then Hacker News has to launch servers in France.
And then French HN users are in an island, and only see other French HN users' posts and comments.
And, to be clear, you think that's a good thing?
Maybe this decision makes France toxic/favorable to certain kinds of business--much like how many privacy companies operate in Switzerland because the Swiss government is less likely to snoop than certain others, or how advertising companies operate in the US because they'll let you do whatever you want to their citizens. So yeah, fragments.
But you as a user are free to opt-into any fragment of the internet that will have you. If your government wants to stop you from doing so you should either take it up with your government or circumvent those limitations.
I don't particularly like the kind of fragment that France is creating here, the notion that data has a physical location in space strikes me as a rather shaky one, and I think policies following therefrom are likely to create convoluted architecture that exfiltrates the benefits of access without exfiltrating database instances (I've written enough code that tap-dances around the GPDR to know). Since I'm not trying to start an ad supported business in France, though, I'm happy to respect their right to come up with whatever weird policies they want.
I love hackernews, but there’s way more world out there to discover.
This is protecting EU citizens from EEUU companies having a free lunch on their data.
Or was it before Azure had that? Looks like they’ve had it for awhile, at least back to 2009 or 2010.
This was impacting us in 2014 to 2016, as I remember.
I'm sorry your business was impacted during the period where the regulations came into effect and the big platforms did not have compliant services ready. It would have been better if the negative externalities of these regulations would be entirely carried by the big platforms who are responsible for consumer privacy in the first place.
But in any case, the point is that the issue is solved without changing the laws or people having to switch cloud providers, as simply the global cloud providers have started offering compliant services.
In the past people said that the Internet was made for porn. Today the Internet is seemingly made for advertisement and surveillance. It not strange that so many people who worked in this industry for decades are feeling a bit lost in this new horrifying industry, which if the Internet really is made only to do advertisement and surveillance, I honestly think humanity is better off without it.
You should support companies with the best behavior.
I worked at a company that enabled a radiologist in over country to do a preliminary read of a CT scan performed in another country.
Cutting the amount of time for a CT scan, and even connecting a CT scan with a radiologist who specialized in that particular kind of scan, we saved lives.
And yes, there's also furry porn.
It's a tool.
I feel like I'm trying to convince you that BOOKS are good, despite the existence of hentai.
So why didn't you use Azure resources in Europe instead of "some crappy provider"? Sounds like you made a rod for your own back. If our clients are happy with Azure (in the right region) then I can't imagine many in the EU (other than perhaps national security services and their suppliers) reasonably refusing to allow use of it.
We host in Azure for some pretty significant financial organisations, mostly UK based but spreading our area. Some companies are requiring us to fully host in Azure DCs in their region, and some of those are Eastern, not UK/EU, based companies. At least one US interest that a friend's employer supplies demands data about its employees be hosted over there rather than over here, presumably so they can be assured it is kept to standards they are locally required to follow. Is it wrong that way around in your book too?
It isn't as easy as having everything in one region of course, but not much harder nor massively more expensive (caveat: most likely, as far as I know, I have the luxury of ignoring the bits that don't interest me and money is often one of those things, but I'm also senior enough that if there was something expensive happening, or something not happening due to expense, I'd catch wind as it would affect things I need to plan around) and it can't be as faffy/costly as using different providers in each territory.
If you are correctly following relevant regulations everywhere this does not fragment things any more than other rules that already existed. Aside from the fact things are being enforced this time, forcing companies handling PII to not quietly do things wrong because it is inconvenient to do things right. As an individual I'm perfectly fine with this.
https://news.microsoft.com/europe/2020/09/30/our-commitment-...
It took some doing which was the whole point. The local provider even got a chance to match the offer.
