Worried about the CLOUD act that was sprung on the American people? Take a deep breath. Hold it. Now let it out and let's talk... Steve Gibson from "Security Now" is my guest to have a serious, NON-PANICKED, conversation about the CLOUD act, what it does, why it does it and what YOU can do to protect yourself and the others in your circle of trust. Trust No One... but listen to us!

CLOUD: "Clarifying Lawful Overseas Use of Data" US Congress Passes CLOUD Act Hidden in Budget Spending Bill Late last Thursday night the US Congress passed a $1.3 trillion dollar spending bill to keep the US government funded through September. The photo of the printed legislation is "impressive". I think I recall seeing that it was 2200 pages. It was about an 18-inch high stack sitting on a table next to our president as he announced the bill's successful passage. However, arguably buried in that Omnibus legislation was the so-called "CLOUD act" where CLOUD stands for Clarifying Lawful Overseas Use of Data. Given that this new legislation was proposed six weeks earlier as a means for dealing with Microsoft's refusal five years ago to turn over US citizen's data residing in Ireland... you can guess what that "clarification" amount to... even if you didn't know that the EFF was glowing a gasket over then-the proposed legislation... which is now the law of the land. As BleepingComputer put it:"The unaltered and now official CLOUD Act effectively eliminates the need for search warrants and probable cause for obtaining a US citizen's data stored online. US law enforcement only needs to point to some account and tech companies must abide and provide all the needed details, regardless if the data is stored in the US or overseas." Further, the bill recognizes foreign law enforcement and allows the US President to sign data-sharing agreements with other countries without congressional oversight. The CLOUD Act will then allow foreign law enforcement to require data on their own citizens stored in the US, also without obtaining a warrant or proving probable cause. The EFF notes that: "Since there is no more need for a foreign law enforcement agency to obtain US warrants or prove probable cause, this opens the door wide open to political abuses." The EFF's page makes their feelings clear. It's titled: "A New Backdoor Around the Fourth Amendment: The CLOUD Act" where they explain how this is a backdoor circumvention of the US Constitution's protection against illegal search and seizure. So... we now have official, warrantless, cross-border data sharing. Many years ago we coined the term TNO for "Trust No One" ... ** From Security Now - Episode 656 ** Let's talk about what's a stake... It's NOT just our email and our files: We've given A LOT of our personal information to companies like Facebook and Google with the expectation that they'd be responsible with that data. * The problem is that WE didn't really know what that meant. * Because MOST of us don't actually understand the amount and type of data being collected Google is a great example https://history.google.com * You can use "My Activity" to turn off this tracking ** HOWEVER... Google still collects data... they just don't store it for a long period of Clo

These show notes have been truncated due to length. For the full show notes, visit https://twit.tv/shows/know-how/episodes/375

Hosts: Fr. Robert Ballecer, SJ and Steve Gibson