If your threat model needs to include “I’m (going to be) a target of major nation-state intelligence community agencies” then it’s safest to assume none of this is going to prevent them getting your data?
It's going to make it more difficult for them which in aggregate will prevent them from obtaining all the data they want without spending more resources to get it.
It's also going to put more money into the pockets of non American alternatives which will in turn give them more resources to spend on making more secure offerings.
I'm all for resources for people looking for alternatives, but I think there are some flaws with the way this is presented.
The whole first section is a bunch of scary stuff that in the end is not really a great way to select products, at least in my personal opinion. If you are worried about nation-state spying you aren't going to use any cloud services, and you shouldn't take a company's location as any sort of reasonable way to protect yourself if you are truly on that level of tin foil hat.
> If the company has servers, offices, or employees in the US, it can be legally forced to hand over your data to the US government.
Yeah, including many of the alternatives that are on this list.*
I also think a lot of the alternatives have their own flaws.
- Alternatives that are listed with "Strong privacy laws, GDPR applies." Well, the GDPR applies to any user in the EU using a product made by a US-based tech company. So choosing a company solely for GDPR coverage isn't really a particularly good reason to choose it.
- Alternatives like Opera and Deepseek have offices in China which for many people concerned about state surveillance isn't exactly an upgrade.
- Some alternatives on the list have US servers and US ownership, like Tidal (owned by Block (Square), a US company).
None of this really matters when people are simply switching out of emotional hysteria without logical reason.
Give it a couple years, and no one will even remember this niche movement to move away from US-based services, with all of these websites and github repos left unmaintained and abandoned.
the GDPR applies to any user in the EU using a product made by a US-based tech company
while that is true, it is questionable whether it can be enforced.
also it is a problem for EU businesses using such services because it puts them at risk of being in violation of the GDPR. and as as a EU citizen not actually living in the EU i am interested in using EU based services because there the protection applies to everyone.
Seems similar to https://european-alternatives.eu/ which was summitted a couple of times already
Eventually we might also need non-US driven programming languages and OSes, that are needed to power such non-US based services.
What’s the non us alternative to this site?
HN might be served from the US, but it's operated entirely by subjects of the king.
If your threat model needs to include “I’m (going to be) a target of major nation-state intelligence community agencies” then it’s safest to assume none of this is going to prevent them getting your data?
James Mickens covered this at Monitorama 2014 in a humorous way. https://vimeo.com/95066828 (16:30)
the threat model is getting caught in a dragnet and data being abused by bad actors (eg for advertising) because US law does not protect against that.
It's going to make it more difficult for them which in aggregate will prevent them from obtaining all the data they want without spending more resources to get it.
It's also going to put more money into the pockets of non American alternatives which will in turn give them more resources to spend on making more secure offerings.
Every little bit counts.
I'm all for resources for people looking for alternatives, but I think there are some flaws with the way this is presented.
The whole first section is a bunch of scary stuff that in the end is not really a great way to select products, at least in my personal opinion. If you are worried about nation-state spying you aren't going to use any cloud services, and you shouldn't take a company's location as any sort of reasonable way to protect yourself if you are truly on that level of tin foil hat.
> If the company has servers, offices, or employees in the US, it can be legally forced to hand over your data to the US government.
Yeah, including many of the alternatives that are on this list.*
I also think a lot of the alternatives have their own flaws.
- Alternatives that are listed with "Strong privacy laws, GDPR applies." Well, the GDPR applies to any user in the EU using a product made by a US-based tech company. So choosing a company solely for GDPR coverage isn't really a particularly good reason to choose it.
- Alternatives like Opera and Deepseek have offices in China which for many people concerned about state surveillance isn't exactly an upgrade.
- Some alternatives on the list have US servers and US ownership, like Tidal (owned by Block (Square), a US company).
None of this really matters when people are simply switching out of emotional hysteria without logical reason.
Give it a couple years, and no one will even remember this niche movement to move away from US-based services, with all of these websites and github repos left unmaintained and abandoned.
the GDPR applies to any user in the EU using a product made by a US-based tech company
while that is true, it is questionable whether it can be enforced.
also it is a problem for EU businesses using such services because it puts them at risk of being in violation of the GDPR. and as as a EU citizen not actually living in the EU i am interested in using EU based services because there the protection applies to everyone.