GambaJo 17 Posted October 9, 2015 Share Posted October 9, 2015 The European Court of Justice decided, that european data is not save on us servers and the court decided that the safe harbor agreement is inavlid.When I look at the german evernote page about privacy, I can read that evernote still transfers my personal data to servers in the USA. But now this is illegal. What will evernote do? To be legal evernote has to store personal data from EU citizens on servers in the EU. Link to comment
Level 5* gazumped 11,652 Posted October 9, 2015 Level 5* Share Posted October 9, 2015 I'd imagine that, like all other major software service providers, Evernote still has its legal team crunching through the implications. Until then - How Can I Contact Evernote?Evernote welcomes your feedback regarding this Privacy Policy. If you have questions, comments or concerns about this Policy, please contact us by email at compliance AT evernote DOT com or postal mail... https://evernote.com/legal/privacy.php Link to comment
gbarry 2,658 Posted October 9, 2015 Share Posted October 9, 2015 We are evaluating the EU Court of Justice's Safe Harbor ruling and are concerned about its impact on any global company's ability to handle the data of European residents. We are currently considering our options in light of this ruling. We want to be clear that even with this decision, your [or your business's] privacy and data are and will remain protected. Link to comment
GambaJo 17 Posted October 10, 2015 Author Share Posted October 10, 2015 Thx. We want to be clear that even with this decision, your [or your business's] privacy and data are and will remain protected. I don't think so. The US government respectively the intelligence service can force evernote to give data from Eeuropean residents. They even can force evernote to keep this access to this data secret. This doesn't sound protected for me. Link to comment
Level 5* gazumped 11,652 Posted October 10, 2015 Level 5* Share Posted October 10, 2015 If data is kept in the UK, the GCHQ will have similar access to it - and they, like most other government/ intelligence services in Europe will share with the US because we need them to share with us. If you want your data kept off official desks, don't put it online... Link to comment
Level 5* GrumpyMonkey 4,319 Posted October 10, 2015 Level 5* Share Posted October 10, 2015 ... or, encrypt it before uploading. Evernote allows the encryption within the app of text blocks. Integrations like "Saferoom" allow the encryption of entire notes. And, of course, you can encrypt PDFs or other files before putting them into Evernote. Ideally, in the future, Evernote would allow for zero knowledge encryption of notebooks. The US just announced that it won't force companies to provide backdoors, and this paves the way to more encryption, as companies now know that the govt. (at least, this administration) will not fight encryption.http://www.nytimes.com/2015/10/11/us/politics/obama-wont-seek-access-to-encrypted-user-data.html?hp&action=click&pgtype=Homepage&module=second-column-region®ion=top-news&WT.nav=top-news&_r=0 Link to comment
DutchPete 247 Posted October 11, 2015 Share Posted October 11, 2015 ... or, encrypt it before uploading. Evernote allows the encryption within the app of text blocks. Integrations like "Saferoom" allow the encryption of entire notes. And, of course, you can encrypt PDFs or other files before putting them into Evernote. Ideally, in the future, Evernote would allow for zero knowledge encryption of notebooks. The US just announced that it won't force companies to provide backdoors, and this paves the way to more encryption, as companies now know that the govt. (at least, this administration) will not fight encryption.http://www.nytimes.com/2015/10/11/us/politics/obama-wont-seek-access-to-encrypted-user-data.html?hp&action=click&pgtype=Homepage&module=second-column-region®ion=top-news&WT.nav=top-news&_r=0 Not the current government, but what about the next one? The current gvt. is on its last legs, so what will soon count is the next gvt. Link to comment
Level 5* Metrodon 2,184 Posted October 11, 2015 Level 5* Share Posted October 11, 2015 If you believe that governments won't always demand back doors (whether publicly or privately) then I'm afraid you are going to be disappointed. Encryption may give some protection against casual hacking, governments and eventually larger criminal organisations will always find a way in. If you want 100% guarantee of privacy then simply don't use a cloud service (or a computer, or paper or anything.....). Link to comment
Level 5* GrumpyMonkey 4,319 Posted October 11, 2015 Level 5* Share Posted October 11, 2015 If you believe that governments won't always demand back doors (whether publicly or privately) then I'm afraid you are going to be disappointed. Encryption may give some protection against casual hacking, governments and eventually larger criminal organisations will always find a way in. If you want 100% guarantee of privacy then simply don't use a cloud service (or a computer, or paper or anything.....).i don't think it's as bad as that. https://www.schneier.com/blog/archives/2015/06/why_we_encrypt.htmllike locking your house, car, or computer, it affords certain physical and legal protections you won't get when they're unlocked. it's simple stuff, technically feasible, and already implemented by evernote's competitors to varying degrees. i'd pick encryption over any other new feature in the pipe. Link to comment
Level 5* Metrodon 2,184 Posted October 11, 2015 Level 5* Share Posted October 11, 2015 I'm the last person to sit in the corner with a tin foil hat on believing that Evil Government are watching everything I do. I also don't believe that 'legal' protection is any real protection or that commercially available encryption doesn't have back doors. All depends on what data you have and who you think you are protecting it from. Link to comment
Level 5* GrumpyMonkey 4,319 Posted October 11, 2015 Level 5* Share Posted October 11, 2015 I'm the last person to sit in the corner with a tin foil hat on believing that Evil Government are watching everything I do. I also don't believe that 'legal' protection is any real protection or that commercially available encryption doesn't have back doors. All depends on what data you have and who you think you are protecting it from.actually, i'd say that if the fbi is raising a stink and the govt. is trying to require backdoors, that points to some pretty onerous encryption out there, especially with apple. there is probably a reason why snowden used it and still recommends it. if it didn't work, why make such a big deal out of it?the government doesn't have to be evil to practice surveillance that uses our tax dollars to violate our constitutional rights and ruin our lives. with the best of intentions, it has recently been caught up in two abysmal high profile failures in trying to catch spies: it wrongly accused a professor of selling state secrets to china, for example, thanks to incompetent interpretation of the data it collected. plenty of my colleagues (and me) work across national borders, thereby triggering surveillance of communications, and opening us up to clumsy attempts at mining the data stolen from us. i'm not anti govt. or anything, and i am glad they are out there doing their jobs, but i do want to keep my data, however pedestrian and banal, out of anyone else's hands, because it is mine.but, there are also the very real, serious, and significant legal issues. putting unsecure data on the cloud risks hipaa and ferpa violations in the us, or violations of employment agreements that will end your career in other countries, not to mention (unintentionally or not) violate the privacy of students, family, friends, and employers. encrypting data could protect you from unnecessary and costly legal exposure. the lack of encryption costs evernote as well. without encryption, evernote cannot be used by employees for work-related matters at some businesses and educational institutions. imagine how great a selling point it would be to make evernote available to doctors (constrained by hipaa), educators (constrained by ferpa), contracted labor (constrained by ndas), and everyday folks who are tired of falling victim to hackers. users may also be avoiding the service, because their personal account data is not encrypted when they access evernote from the ork computers. the case for encryption seems pretty good to me, and i've used it in other services without any problems, so i know it can be done. evernote, hopefully, will reprioritize stuff under the new ceo and get more serious about security/ pivacy. Link to comment
Level 5* Metrodon 2,184 Posted October 11, 2015 Level 5* Share Posted October 11, 2015 Oh, I'm not saying there isn't a case for it. Lots of good reasons to have it. I'm just saying that having it doesn't guarantee that your data is 100% safe from prying eyes (but you will have legal protection from your regulator). Link to comment
Level 5* GrumpyMonkey 4,319 Posted October 11, 2015 Level 5* Share Posted October 11, 2015 Oh, I'm not saying there isn't a case for it. Lots of good reasons to have it. I'm just saying that having it doesn't guarantee that your data is 100% safe from prying eyes (but you will have legal protection from your regulator).true that. i'm no expert, but from what i have read, nothing is going to be 100 percent. it's a lot better than zero, right? like the locked house, it is more of a deterrent. and, if big govt. agencies fear it, it must be enough of an obstacle, even for well-funded hackers (state or private), to make it worth our while. the legal benefits are also nice, particularly for evernote's business; the european ruling, and the thinking behind it, is probably no worry for other global players who have already implemented robust encryption. Link to comment
Recommended Posts
Archived
This topic is now archived and is closed to further replies.