Late January, the U.S. Department of Commerce published a notice of proposed rulemaking for establishing new requirements for Infrastructure as a Service providers (IaaS) . The proposal boils down to a ‘Know Your Customer’ regime for companies operating cloud services, with the goal of countering the activities of “foreign malicious actors.” Yet, despite an overseas focus, Americans won’t be able to avoid the proposal’s requirements, which covers CDNs, virtual private servers, proxies, and domain name resolution services, among others.
This will never fly. Asking ISPs to verify identity is not a thing anyone is capable of doing. I’ve worked for hosting companies for the last 20 years.
Let’s hope not, this sounds absolutely atrocious. Privacy rights are in such a sad state.
I can totally just see my company moving all overseas or regional cloud operations migrating to some awful Equinix DC.
If a law were passed, infrastructure would materialize. Our freedoms cannot depend on the idea no one will step up to make money solving these “problems.”
Unless your ISP is running a cloud service, it wouldn’t be their problem. AWS, Azure, Google etc would be the ones hit with stronger identification requirements.
I’m not talking about residential ISPs.
Which ISPs. Also have hosting.
So don’t all ISPs know their customers. Usually they provide service to your place of residence or work.
Will it still be possible to purchase a VPS in another country and pay with Monero or something? This seems like insane over reach, are theu going to make it illegal for americans to do business with international IAAS providers?
The current administration and its agencies have clear contempt for any sort of crypto privacy they have shown in a variety of ways. The Tornado Cash sanction and criminal charges, recent Bitcoin mixer criminal charges, the proposed rule putting a “Primary Money Laundering Concern” black mark on people seeking crypto privacy in virtually any way… if it’s possible to still purchase online services privately after this, I’m sure they will go on to take further measures to try to close the “loophole”. They don’t want anyone doing things without being able to monitor them.
deleted by creator
Relevant Snowden quote:
Arguing that you don’t care about the right to privacy because you have nothing to hide is no different than saying you don’t care about free speech because you have nothing to say
I pay for vpn service anonymously even though I probably don’t need to, as my main use is torrenting. I can see a remote possibility that vpn payment records at some point end up being used against pirates, even just as some kind of risk factor flagging, in the same vein as what you are saying: “If someone is paying for a vpn, surely they’re doing something bad?” In countries that really want to crack down on speech and human rights, vpns get banned outright to varying success, and if you can’t pay anonymously in that situation you’re pretty screwed, this hurts those people.
In general I think everyone should be trying for some level of actual privacy online as a matter of principle, just because of how everyone being fully tracked and observed puts way too much power in the hands of those watching.
What would keep people living/companies working in the US from moving their infrastructure out of the country and having encrypted tunnels?
Cost. US is the biggest economy in the world and most tech companies are American. They could say if you don’t do this you can’t do business in America. Like cutting off tech companies doing business with China. It stopped non American companies.