OX Summit 2015 If any Americans are in doubt about what European technology business thinks of Silicon Valley’s data-slurping giants, it wouldn’t take them long to find out from a gathering in Berlin of European companies who look after personal data.
The audience applauded wildly (and it was the only applause of a sober keynote) when Rafael Laguna, CEO of open source enterprise software company Open Xchange, proclaimed that “Safe Harbor is dead”.
The attendees at the summit ranged from secure communications providers to large telcos, all of whom use the OX stack at some point. OX is growing at a clip, heading towards 200 million users for its open source platform, as Europeans look to provide secure local cloud infrastructure for their needs, rather than plumping for over-the-top players like Google or Dropbox. The latter are viewed as compromised in two ways: by their relationship with the NSA, and their slavish devotion to Silicon Valley VCs’ business models.
Laguna said "Safe Harbour", the legal fudge that allowed US companies to self-certify as compliant with European data protection law, really “died after 9/11”.
We compared the Max Schrems v Facebook ruling that torpedoed Safe Harbor to the Humpty Dumpty this week, a metaphor Laguna told us he would have used, if only more of his audience were familiar with the children’s nursery rhyme. “Nothing can put this together again, only a change in US law. And I can’t see that happening. So any guarantee that Google makes in Europe is worthless,” he told us.
“We need ownership and control of our data,” he told the audience in a keynote at the company’s annual partner event.
Growing up in the GDR, Laguna said, “I know the feeling of being watched, and you behave differently when you’re being watched, and that’s a loss of freedom. We spent hundreds of years and lost many lives fighting for that freedom – but we’re losing it on the internet.
Laguna said the “pretence died after 9/11”, but Safe Harbor had really taken 15 years to unravel.
But he went further. He said he thought free markets were under threat from Google’s business model, which destroys markets and leaves partners with no margin.
Secure email, independent European infrastructure... a pipe dream?
The revelations of former NSA sysadmin Edward Snowden and the Schrems case appear to have reminded individuals that their data has value, and that Europe needs to create its own infrastructure. The OX event was packed with people who can provide those alternatives – OX provides the office part, there’s video chat, file management and even a CRM offering on show – with the software either self-hosted or carrier-hosted.
An initiative announced yesterday promises to secure email with PGP crypto between participating hosts. It’s made up of best practice and source code for hosts to store the private key in their secure cloud, and then federate, creating a trusted key network. Sending email to users on insecure hosts – like Gmail – will light up a red warning light in your OX inbox.
It isn’t perfect, Laguna acknowledged, because the private key is stored at the server. But it’s “ten thousand times more secure” than what we use today. It means ordinary people will be sending PGP-encrypted email without realising it.
If you look closely, you can see Europe creating its own infrastructure, independent of the US snooping, and free of the locust-like Menlo Park business models that leave nothing but scorched earth behind them. What’s it got left to do? Quite a bit, to be honest, social networks being the biggie. But someday even Facebook could become just another protocol, like IMAP, or nntp.
And that’s a thought that should keep Zuck awake at night. ®