Web creator criticizes Brazil's local storage plans

Web creator criticizes Brazil's local storage plans

Summary: Tim Berners-Lee voices concerns over government plans to demand local servers

TOPICS: Networking, Privacy

World wide web creator Sir Tim Berners-Lee has criticized the Brazilian government's plans to demand that organizations store data locally at a United Nations gathering in Geneva yesterday (5).

Berners-Lee was quoted by newspaper O Estado de São Paulo as saying that the requirements for local data storage, which are part of Brazil's upcoming set of regulations to govern internet use, are an "emotional reaction" to the NSA spying episode and will not have any practical impact in reducing espionage risk.

The statements were made at the launch of the Web We Want campaign, which aims to create a national bill of rights for the internet in every country to protect online freedom. The initiative is led by a coalition of influencers around the world including Joaquim Arruda Falcão, the dean at Fundação Getulio Vargas, one of the most prestigious business schools in Brazil.

The British scientist added that the Brazilian government's plans to demand that data lives only inside the country are not applicable for two reasons. One is related to the difficulty of managing social networks, as well as the fact that the web is based on the principle of not having government controls - meaning that nationalizing servers would not be a good idea.

Berners-Lee pointed out that while the Marco Civil da Internet is generally positive, the requirement to store data locally should be removed.

But Brazilian ministers have affirmed in the last few weeks that the government will not back down on its decision to introduce rules that supposedly increase control for the better and reduce the likelihood of NSA-like spying occurrences.

Meanwhile, corporates are moving to adjust to the possible new realities. Microsoft, for example, has announced this week that it will enable cloud customers in Brazil to store their data locally from next year. Other companies such as Facebook and Google have voiced their disapproval of the proposals.

As I said before in this blog, even the enforcement of stricter rules regarding data protection do not mean that our information is safe. While legislation can help create a safer environment on the web, the law is never going to be ahead of the technology.

We can only hope that Brazil's politicians and their advisors can realize that - before voting an ill-conceived set of regulations that is utterly irrelevant in this day and age.

Topics: Networking, Privacy

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • It may not be all motivated by security.

    ".....are an "emotional reaction" to the NSA spying episode and will not have any practical impact in reducing espionage risk."

    Berners-Lee is correct in the context of security. Off shore data centers have as much, if not more, to worry about than those in the US but I see this as one country "speaking with their wallet". Whereas there are no direct security gains and 100% compliance would be impossible, they are still taking business away from US companies that they would have otherwise used. This, in turn, will (hopefully) cause US companies to pressure the US Government more and create more urgency to fixing these problems so our companies can stop bleeding business.
    • Your points are logical, but...

      ...reality shows a different picture. Lawmakers and bureaucrats in Brasília are not known for being particularly keen on saving taxpayers' money, are too parochial to think globally and have a business-focused international policy, are definitely not tech-savvy (and one of the few that are, Congressman and former state governor Eduardo Azeredo, who before politics had a career in IBM Brazil and other IT companies, was the one who drafted a fortunately rejected early version of the Marco Civil bill that was a disaster in terms of establishing a "1984" state that the NSA could only dream of), and can't grasp the real nature of the Internet. If they decide it suits their interests that the water in waterfalls runs upwards, they will legislate that way, and no one will be able to convince them that it's impossible...

      However, Brazil has a long tradition of tackling big problems with highly flawed new laws, which eventually get changed (or are simply ignored and unenforced) as reality charges its toll. We are used to getting what we can and to being thankful for the full half of the glass, taking care of the empty half later. Berners-Lee himself admitted that the Marco Civil is overall a good bill, and I'd rather see it approved as it is than having nothing at all.

      As for the U.S., the amount of business in data centers and such are a drop in the ocean of U.S. economy and not enough to balance the priorities of those in Washington whose main concern is having power, keeping it, and getting more power. If they didn't do much when whole industries moved to Asia and elsewhere, eliminating millions of American jobs, it's extremely unlikely that they will do anything in this case for business or economic reasons. Now, if they somehow feel that their power is threatened, that will be an entirely different story...
    • The funny part is...

      Does anyone think Brazil, Germany, the UK, France, Russia, China, Japan, Mexico, South Africa.... don't all have similar programs like the NSA?
  • Let the free market

    Your complaints are made known, but that shouldn't be reason enough to make them stop. Let them create the product, and since it will have holes, it can then evolve to be made better. More competition with services means people get to pick and choose which models they want to fashion theirs after. That can't be a bad thing, options.
  • I sort of see it Brazil's way

    The only way to ensure data storage is entirely compliant with local privacy law is to store it in facilities fully subject to that law. It is a shame there isn't an international covenant on data security to which the US is treaty bound, but until such time as there is, data parochialism is a natural and understandable by-product of it.
  • There solution is not really a good one

    Sigh... local servers and some of their other criteria are IMHO merely a waste of time and money.

    In point of fact, I can certainly see why they would want to do this, they have been insulted on several levels. But that does not make it right.

    Data integrity even with localized servers is impossible. on line sales, forums, social media, support groups and tech support to be maintained would all require incoming and outgoing lines, unless they are going to blackout the entire nation from the world. Unless that is the case, then there will *always* be avenues, back doors, etc... for spying or information gathering.

    The issue is that as long as people can communicate out of country of go out of country for anything... then to the paranoid mind nothing is safe.

    Additionally, while it is to my knowledge not being openly said, the simple fact of the matter is with localized servers, there is nothing to stop the government of *Brazil* from spying on its own people (not that they did or did not before, this would merely make it easier).
  • IT security

    Half of the security lays in jurisdiction, not really preventing data access. With Brazil, it would seem the move is to make sure they have legal jurisdiction over things, vs the US, which conceeds all rights to law enforcment or intelligence, or the EU where they have to be baught off for rights behind the scene's (in reguards to individuals or companies).
  • Hurray for Brazil

    The BO (Biden & Obama) smells like bad odor, global plan for world conquest has been exposed by Edward Snowden. The black would be Hitler is just a cheap imitation fascist. Brazil has just started! First the $4 BILLION airplane contract was cancelled thanks to BO stupidity, now the American companies must pay a spying tax $10,000 per minute up to $10,000 per second. Brazil is going to get rich thankyou BO (smells like bad odor)
    William Hewitt
    • Not helpful

      The mention of Hitler and the use of pejoratives quickly invalidate any argument you were attempting to make. Try not to use them for pedagogy.
  • Not bullet proof, but could've been worse.

    OK they say local servers, at least that gives Brazil a bit more control than what the otherwise might have. But the Patriot Act compels compliance by US companies even if the service is offshore from US soil. So the service providers will have a larger legal delema than what they currently have now.

    They are going to have to invent franchises, it'll be the only way to circumvent the legal delema.

    Also, I don't see how this hampers the Google/Facebook hovering of market information. So it could've been a hell of a lot worse for the big 4, they were not really the target of all this.