3d ago

Microsoft says U.S. law takes precedence over Canadian data sovereignty

www.digitaljournal.com

Privacy @programming.dev

Blaze (he/him) @piefed.zip

2d ago

Microsoft says U.S. law takes precedence over Canadian data sovereignty

www.digitaljournal.com /tech-science/microsoft-says-u-s-law-takes-precedence-over-canadian-data-sovereignty/article

Technology @lemmy.zip

misk @piefed.social

3d ago

Opinion

Microsoft says U.S. law takes precedence over Canadian data sovereignty

www.digitaljournal.com /tech-science/microsoft-says-u-s-law-takes-precedence-over-canadian-data-sovereignty/article

Canada @lemmy.ml

☆ Yσɠƚԋσʂ ☆ @lemmy.ml

3d ago

Microsoft says U.S. law takes precedence over Canadian data sovereignty

www.digitaljournal.com /tech-science/microsoft-says-u-s-law-takes-precedence-over-canadian-data-sovereignty/article

34 comments

Microsoft is 100% correct and that is also why governments should dump them for Foss.
- Or invest in local infrastructure.
  
  And, not or.
  
  Time to revive those Corel word perfect licenses.
- This is the way!
- I've been trying to convince my small rural municipality. I think everyone should.
- Wish I could upvote this more than once!
It appears that it does not matter if the target is an individual, organization, or government. As long as the legal request is considered valid in the United States, the target or location of the data does not matter.
As an example, the Department of National Defence and Canadian Armed Forces make significant use of Microsoft 365. They have their own defence-tailored instance called Defence 365, which serves as a common cloud infrastructure for collaboration across DND/CAF, with stakeholders and other government departments.
In theory, any data on or using Microsoft or a U.S.-based organization’s products and infrastructure which is not isolated from the Internet could be subpoenaed by the United States government.
- We are so fucked if they decide to push..
  
  The data is encrypted, hopefully really hard with some safe guards like a canary, so we should be safe if they decided today to try and crack it but I see your point. If that canary is killed we need a system to move it to.
Fine them billions!
If thy don’t comply with law, it has to hurt.
- Just another pretext for Donnie Poopypants to annex you guys.
  
  Annexation over a single company's profits?
  What is this the British East India Company?
Even more terrifying, everything is cloud based and/or has intrusive server-based DRM. They effectively have a kill switch for all MS services used by the government and military.
- F-35 kill switch anyone?
  Scary to think that maybe MS is running a fighter jet, sure as hell hope not but who knows.
  
  Every pro US legal argument of MSFT is a legal argument for every US based company.
Mountie has an extra hand.
It's difficult to know if a business you frequent uses Microsoft, but I suppose you can always ask.
But, as an individual you can choose to avoid MS. Linux is really good these days and Libre Office will do most of what you need. It may not be identical to the MS experience, but you do have a choice.
- It's not identical and there is a learning curve. That applies both to Linux and to LibreOffice. But that's a choice everyone has to make. Do you want convenience or do you want digital sovereignty? You can't have both. On the positive side, once you get over the initial hump Linux provides an altogether better user experience just on account of not being enshittified.
- It's actually quite simple to determine who an organization uses for their mail and data. All you need to do is review a domains DNS records (using a tool like dnschecker.org) and look at the MX record.
  For Microsoft/office365, you'll see some variation of "protection.outlook.com"/"exchange.domain.com". For google, you'll see a variation of " MX.google.com".
  DNS records are public information. The two biggest players in the space are Microsoft and google, the majority of SMBs do not host their own mail servers.
And we're happy to cooperate by signing our own version of that into law since there's an underlying treaty behind this warrantless data sharing: https://citizenlab.ca/2025/06/a-preliminary-analysis-of-bill-c-2/
I hope we can find a way to fulfill our treaty obligations with something that's not as terrible as the current one: https://www.michaelgeist.ca/2025/06/lawful-access-on-steroids/
Yep it’s time to dump MS.
_{Also 365 is lazy, what about leap years?}
So glad I've been self hosting for years. Email on a server in Canada at OVH. Everything else I self host from home and access through the same OVH server or direct WireGuard connection to my home network.
So if it’s US-based it’s ok, but if Chinese-based it’s not ok!? 🤔
- Who made that claim?
  Or are you just JAQing here?
- None of it is actually okay.
Canada is already part of 5 eyes, and war declared to destroy its economy has not caused Canada to rethink its membership. NATO states operate firmly under CIA control including full allegiance from every "legitimate" political party. EU parliament members are appointed with CIA approval. You can know this because even if US political leadership pursues peace with Russia, and aggresses memebers, US colonies are apoplectic over the possibility of peace or resisting further colonial oppression. CIA allegiance will save us from Trump is thinking. Meanwhile, black site torture centers in Libya, Lebanon, and Syria must have thought the same.
5 eyes is already integrated with internet tech giants. It is a means to provide CIA/NSA with complete information over all 5 nation citizens, and using the other 4 to loophole info about Americans.
I doubt you need to worry about MS employees accepting CIA information requests. The monster is already in the house, as per US law, that no company is allowed to admit cooperating with.

34 comments