undefined | Better HN

0 pointslolinder1y ago0 comments

> You only really control things on your soil. Physical location / possession matters for control.

This feels like an outdated worldview that no longer really applies to data. Data can be exfiltrated from the EU in milliseconds and there's nothing that the EU can physically do about it short of setting up a great firewall a la China.

The only thing they can do about it to retain sovereignty is to tell companies they're not allowed to exfiltrate data. But if they can do that successfully, they can also just tell the companies what they're allowed to do with the data wherever it is in the world.

0 comments

maxglute1y ago

Someone illegally exfiltrates data from within your jurisdication and you can use _your_ legal instruments. Someone uses your data stored on another jurisdication and your legal options more limited or even powerless. Data is too leaky to prevent, so states focus on having the most tools to deter, including legal. And for some legal instruments to have maximum effectiveness, the location of physical molecules are important.

lolinderOP1y ago

> Someone uses your data stored on another jurisdication and your legal options more limited or even powerless.

If that someone is a legal entity within your jurisdiction, you have lots of options.

I edited my original comment to link to someone who gave a good explanation—what I hadn't considered is how difficult tracking suppliers and subcontractors recursively and ensuring that they all have a presence in the EU would be. I think it's a bad solution to that problem, but it does make sense.