Burying the bad, sad joke of Safe Harbor and what it means for cloud users and vendors

LONDON

Apart from famous Mozart and infamous Hitler, Austria is not known for its oversupply of men who will leave their mark on mankind. Since this week we must add to the list Max Schrems who, with admirable boldness, stamina and single-mindedness, has convinced the European Court of Justice to pull the plug on the charade that the so-called EU-US Safe Harbor agreement was.

For those of you who hear about Safe Harbor for the first time, suffice it to say that it was a cosy arrangement whereby (mainly US) technology firms pretended to ensure their customer data were safe (especially from an increasingly nosy US government) and European governments and companies pretended to believe them.

Enter the young Austrian and things will never be the same again. Although an early and enthusiastic advocate of the cloud, I have repeatedly warned my Europe-based clients that going with a US cloud vendor now entails significant data-privacy risks. This does not mean you should stop considering Salesforce or Workday, but you should be aware of the risks posed by your employee and customer  data being siphoned off to the US and finding their way to a competitor – or worse. One of the largest European manufacturers, whose only competitor is based in the US, is about to move from SAP HR to a cloud solution (NDA commitments prevent me from mentioning the client's name). It has the option of either sticking with its well-known vendor and adopting SuccessFactors, or picking HR's favorite, Workday (with Cornerstone for LMS.) The option is therefore between a comforting European vendor and two US vendors which could pose a significant risk since this client's business is basically a duopoly between them and the American competitor.

European hero

Let’s not be naïve. Industrial espionage is a reality and just like European governments try and help their companies win new markets so does Uncle Sam. Except that the US government  has at its disposal cutting –edge technology and an arsenal of acts of  Congress that gives it unparalleled  power to do basically what it wants. If the US government had the moral stature of the Dalai Lama we probably wouldn’t worry. Unfortunately, trust in the US government (never very high to start with - remember Nixon, the Criminal-in-Chief of the 1970s?) has been steadily eroded by the Bush and Obama administrations’ continual assaults on public freedoms and individual rights.

In Europe, whose contribution to civilization includes the two most powerful totalitarian regimes of the 20^th century, we take data privacy way more seriously than across the Pond. Hence the Safe Harbor agreement we insisted on for lack of a better alternative. Except that the agreement soon turned out not to be worth the paper on which it was written, as we realized that technology firms’ self-certification didn’t amount to much.

With Safe Harbor now in tatters, we have a unique opportunity to fix this issue in a more credible way. One key demand of Europe which must be met is to put an end to America’s extra-territorial laws. Just as European laws cannot apply in the US, the arm of American law cannot extend beyond its shores. Facebook/Google/Apple/Amazon/Workday/Salesforce/Microsoft must NOT be forced by US courts to hand over data stored offshore. (Hats off to Microsoft for steadfastly refusing to comply with orders to hand over European customer data) User organizations must insist on their data being stored in their own region with full guarantees that no access from the US would be allowed.  Of course, this is easier asked for than complied with. If a vendor’s California-based support technician accesses a   European customer’s system to fix an issue,  the data may well find itself replicated on a US server where it would fall under US jurisdiction. (And careful about that spreadsheet of employee bonuses being emailed from a European office to a manager in the US - that may no longer be legal).

At Cornerstone's Convergence event in London this week, I asked their founder and CEO, Adam Miller about it. He promised they would never transfer European customers' data to the US.

"What if a  US court requests you to hand over the data? Will you refuse to comply?"

"We will not  hand the data over, because it is not  ours. It is our customers'," Adam replied categorically.

I always find it very entertaining to see some SaaS vendors insist that, during implementation, all customer data to be migrated can only be  sent via a secured, encrypted STP server, never by email or a thumb drive in order to ensure system integrator (SI) consultants never have  a copy of your data. Well.... Many screens or reports can easily be exported in Excel or PDF format on a desktop or laptop. No SI checks at the end of the day that their consultants’ laptops are clean. Nor do they prevent external hard drives being hooked up to their computers.

My advice to my clients: be vigilant. Model clauses are a way to go, but may not be enough.  Know what is at risk, what you can live with and what you can’t. And challenge your cloud vendor. Tell them that being compliant with their home government is fine, and even mandatory in many cases, as long as it doesn’t adversely affect you. But one thing's for sure: with this landmark ruling , data privacy in Europe will no longer be the bed of roses it has been for American vendors. Their cost of doing business has clearly gone up one notch.

The pipe dream of Catalan independence

BARCELONA
 

The ugly face of intimidation
Many a balcony in Catalonia are adorned with
the would-be-independent state flag.
Strangely enough, you rarely see the Spanish flag

A frequent visitor to this vibrant Mediterranean city for two decades, it is high time I gave my two cents on the madness of Catalonia's independence project. Reading the headlines-obsessed and shallow international press I realize few people understand what is really going on.

The independence movement is led (and  fed) mainly by Artur Mas, the president (equivalent to a US governor) of Catalonia, who in countless press and TV interviews whines about the innumerable alleged sufferings Catalans have had to suffer at the hand of "Spaniards" and the profound unfairness of Scotland being allowed a referendum and not his "country" (he conveniently forgets that Scotland voted against independence, anyway.)

Well, let me set the record straight and explain in layman's terms why Catalonia's breakaway project is sheer madness, unjustified by historical,linguistic, economic, legal and political facts. 

First of all, Scotland was for centuries an independent country, recognized as such by all of Europe. Were Scotland to become independent it would just go back to what it once was; actually, throughout its long history, Scotland spent more time as an independent country than as part of the UK. Catalonia, on  the other hand, was never an independent country. At one point in time there was a small territory headed by the counts of Barcelona (hence the nickname Ciudad Condal) but it was soon part of the larger kingdom of Aragon which merged with Castile in the late 15th century to give birth  to Spain as we know it. 

Cataloonia! - Where loonies want to lead you to catastrophe

Artur Mas and his antiquated  Nationalists, who feel nothing about inventing a mythical Catalan kingdom, then proceed to rewrite history by portraying the siege of Barcelona (which took place exactly 300 years ago - Europeans have long memories) as another manifestation of the Spanish state oppressing poor Catalans. That day is now celebrated as a "national" day in Catalonia to remind Catalans of how long "Spain" has been oppressing them. Pure hogwash. Barcelona was attacked not because it was a center of Catalan culture which had to be destroyed as the official propaganda would lead you to believe, but because it took sides in the conflict between the two claimants to the Spanish throne  in what became known as The War of Spanish Succession. Any other Spanish city opposing the new king would have suffered the same fate, so it had nothing to do with being Catalan. But Catalan nationalists would stop at nothing to paint themselves as victims and create fanciful grievances. Such victimization, in which a couple of generations of Catalans have been indoctrinated through the nationalist parties' control of education, fears no ridicule: Catalonia is Spain's richest region. How can they claim with a straight face that they are oppressed by the rest of Spain? Where on God's good earth have you ever seen the poor oppressing the rich? Only in Catalonia!

Then, we have the language question. A big argument for the independence movement is that Catalonia is different from the rest of Spain because it has its own language. As arguments go this one doesn't fly very high. Switzerland has four languages (read my blog post on Switzerland ), is way smaller than Spain and yet never thought of splitting up in four countries. In addition, and this is something few people inside and outside of Spain know, a majority of Catalans (55%) have Spanish as ...their native language! Catalan is spoken as a native language by only 33% of Catalonia residents. In other terms, the Catalan language is a minority language in its own "country". If it were to break away from Spain, Catalonia would be one of the few countries on earth where the national language is a minority language. Actually, talking about alleged oppression, if anybody is being oppressed in Catalonia it is the majority Spanish speakers who are forced to live with public signs in Catalan only. Walk around Barcelona and you will see everything written in Catalan. Prick up your ears and all you will hear is Spanish. Why not bilingual signs? What's wrong?

Catalan schizophrenia:
A rare sight in Catalonia: a bilingual sign.
Usually, public notices, billboards and street
signs are in Catalan, but in Barcelona and many
other places all you hear is...Spanish!

 Finally, let's go back to the Scots example Artur Mas is so fond of, except that the Scottish referendum was agreed upon with the British government; it was in full compliance with British laws. For me who lived a year in Scotland exactly three decades ago, I can't see anything wrong about it. But Catalonia's independence would fly in the face of the Spanish Constitution which clearly prevents secession. At last week's regional election, Mas & Co promised that should they win they would launch an independence process. Another proof of how these dishonest politicians are misleading their people is that they do not have the legal power to declare independence. This is as if I would wake up one morning and go to the office declaring I would raise everybody's salary by 10%. A laudable idea, no doubt, but for which I have no powers since I am neither head of HR or CFO. Any regional government in Spain can make decisions on transportation, education, language policies etc because these fall within their remit; however, the Catalan parliament and government cannot declare independence because that decision is reserved to the whole nation of Spain. It is a mark of the Catalan nationalist parties' that they are promising the people something they cannot lawfully deliver. They may not like the fact that they are in Spain, but they are. And as long as they are they have to comply with the law of the land. That's called democracy and the rule of law.

I don't want to sound too legalistic, but if Artur Mas and his bunch of loonies just stopped and  thought for a second they'd see that their independent Catalonia would suffer from the sins of its birth. If,  when it was part of Spain, Catalonia refused to follow its rules, why should its new citizens follow its own rules? They could say, "Oh well, I don't feel like sharing my taxes with the Catalan government, so I'll just  keep them to myself." What would prevent some parts of Catalonia (at last week's election, 52% of Catalans voted against pro-independence parties) to stay with Spain? Artur Mas & Co base their case on self-determination, but they wouldn't recognize that right for others.  

The reason we came to such a situation is because morally, politically and ideologically bankrupt Catalan nationalist leaders decided a while ago to whip up nationalist fervor to reach the ultimate goal of full power by becoming in charge of an independent country. After all, it is way sexier to be the head of an independent state, hobnobbing with the British queen and the French president, having a seat at the UN and considered an equal in the concert of nations than just a lowly regional premier. If achieving that aim means manipulating history, falsifying reality, indoctrinating citizens in an artificial sense of victimization, so be it, these power-hungry and unscrupulous Catalan nationalists are saying. 

Another comparison with Scotland doesn't paint the Catalan independence loonies in a favorable light. Whereas Scottish nationalists would make their case purely on why they felt Scotland would be better off as an independent state with no animosity towards the English or British governments (they even want to keep the Queen as head of state), Artur Mas & Co never miss an opportunity to hurl abuse at, and show their hatred of, the rest of Spain in what is clearly an insane fundamentalist campaign. Nationalism is indeed the last refuge of scoundrels.

Let me me very clear: as a multicultural person, fluent in five languages, a globe trotter and a great defender of individual  rights, I have no issue with an independent Catalonia or Barcelona or Ensanche (the latter is a lovely Art Nouveau neighborhood of Barcelona which goes by two names - the Catalan version is Eixample.) As long as the rule of law is obeyed, as it was in Scotland, one would have to accept it. And there is a legal solution. National elections will take place in a  couple of months. No political party is expected to gain a majority, meaning that a coalition will be in order. Let Catalan parties work with others to reach a consensus on changing the Spanish constitution to allow secession.  Then a referendum can be organized and, if won, then Catalonia can go its own way, in a democratic, legal, clean way. But of course power-hungry Artur Mas & Co want a messy  adventure, only then can they flourish. In an orderly, rational process people would see through them and vote against independence realizing quite rightly that there is more to lose than to gain from it.

Politically, especially geopolitically, the Catalan independence movement has an uphill battle before it. There are no cases of a successful breakaway territory without outside help. And that outside interference is not happening, as neither the EU nor the US have any interest in a  weakened Spain. The EU does not want to open the Pandora's box of disintegration of the European sovereign state system (part of the insane project would be to grant Catalan citizenship to all Catalan speakers in the neighboring Spanish regions of Valencia and Aragon, the Balearic Islands and even in southern France) and, since Catalonia cannot show any evidence of severe human rights violation or central-government oppression, there is no case for international involvement. European leaders, starting with Angela Merkel, have been very clear: Spain is a democracy and its laws must be obeyed by all. Should Catalonia leave Spain illegally and unilaterally it would find itself outside of the euro and the European Union. Would they be better off? I doubt it.  Felipe Gonzalez compared Catalan separatistas to Nazis and got a lot of flak for it. I understand perfectly well what he meant. Of course, Artur Mas & Co are not about to start roasting Spanish Unionists in ovens. But with their sense of superiority, that their problems are the result of others ("Spaniards" are their Jews), along with the linguistic cleansing they are conducting all over the region, Gonzalez sure has a point. 

Spain has got too many serious problems (the recovery from its worst economic crisis in decades is still fragile) that it doesn't need to compound them with false ones. Let's hope that a new coalition would come to power next December and settle this matter once and for all. But I'm afraid I can't be too optimistic: the Catalan issue will always lurk in a corner, ready to rear its ugly head whenever given the opportunity.

 

Great play at the Tivoli Theatre, right off the Plaza de Cataluña.
I use the Spanish version of the square, the way many
barceloneses  say "Consejo de Ciento" even though
the street sign says "Consell de Cent. "

(The blogger is spending a long weekend in the Barcelona province. An unusual weekend where the sun made itself scarce and rain was a daily occurrence with strong waves. Are the higher powers shedding tears on the current situation? I took the opportunity to go to the theater and see a terrific play, Escenas de la vida conyugal, with Ricardo Darin, Argentina's most famous actor, and his fellow countrywoman, Erica Rivas, who delivered an astounding performance in this adaptation of the Ingmar Bergman movie Scenes from a Marriage. The play was of course in Spanish, as befits this great Spanish-language city, home to the country's publishing business. Interestingly enough in today's El Pais there was an article by Mario Vargas Llosa on Carmen Balcells, Spain's most famous literary agent who died  recently: she was a Catalan and instrumental in popularizing Spanish fiction from Spain and Latin America.) 

(This is the latest in a series of country posts, of which several focus on Spain, a country close to my heart. One of my most popular posts is "1992-2012: My 20-Year Affair with Spain": As of today it has been viewed 7,577 times making it the third-most popular of my posts, and the first not business related)

(All pictures by the blogger. All rights reserved)