Yesterday I was interviewed by Bloomberg News about the effects of NSA surveillance on the Cloud. They wanted to know if we had lost any customers specifically because of the Edward Snowden leaks. This, of course, is a hot topic: how is mass surveillance affecting the cloud, and can we quantify the damage that is being done? Is it costing us jobs and economic growth in the cloud? The answer, of course, is “yes” — and ServInt isn’t scared of saying so.
I said that we had lost customers and even more potential customers — which is true. ServInt has been one of the few players willing to speak up and say this and as a result we have been quoted in places like The Hill and the New York Times. The cloud hosting field is a tough, competitive business and it is hard to talk about losses. But ServInt isn’t afraid of calling out the problem, because we have been leaders in directly addressing the issue since it arose a little over a year ago.
The cloud in the United States has been badly hurt by the actions of the NSA. These days anybody can relocate their digital business with just two or three clicks of the mouse. You don’t need to sign a long contract or tell anybody why you are making your choice, you just move. I’ve talked to a lot of people who have decided they want to move their business outside of the United States because they feel like the US doesn’t care about privacy. I’m quoted in the Bloomberg article about this being a “death by a thousand papercuts.” I was talking about the affect on the overall economy, not our business, which for the record has seen a 30 percent decline in foreign signups since the NSA leaks began, not a 30 percent decline in total foreign customers.
In fact, ServInt is actually weathering the Snowden storm very well, compared to many of our competitors. Why? because our clients trust us. They understand the cardinal rule of security and data safety:
It’s not where you’re hosted, it’s how you’re hosted.
Your business needs to stay up, online and fast. It needs to stay stable and secure. And your data needs to be protected. You need experts at the helm to accomplish all of those things — experts you trust. And earning the trust of small to medium businesses is what ServInt has been doing for 19 years.
The NSA revelations are just another hurdle to overcome in ServInt’s ongoing pursuit of being the most trusted name in the Cloud. We’re doing so by requiring warrants for content, and by responsible handling of data. We’re doing so by being thought leaders in the fight against NSA surveillance in Washington, through our leadership within the i2Coalition. And we’re trying to curb the misinformation about NSA surveillance. Everybody tempted to move their content out of US datacenters needs to remember that the vast majority of all spying is done on foreign networks. “Move your site out of the U.S. to avoid spying” may be good marketing, but it doesn’t take into account the reality of how surveillance works.
We do all this because we want to win the day, and win it honorably, by doing the right thing We win the day when we make customer trust our number one goal. We win the day when our customers know we have their backs when it comes to protecting their data, and we win the day when we fight for privacy and NSA accountability.
This week I have the honor of representing not just ServInt but the rest of the Internet infrastructure industry when I get to moderate the Internet Education Day event and awards ceremony hosted by the Internet Infrastructure Coalition (i2Coalition). At this event, scheduled to take place on Wednesday, March 5, 2014 in the Rayburn House Office Building, the i2Coalition will be giving Champion of Internet Innovation Awards to U.S. Senator John Cornyn (R-TX) and U.S. Representative Zoe Lofgren (D-CA) for their work helping this industry grow and succeed.
I love this industry, because what we do is important. Our customers build their dreams atop our infrastructure, and their dreams are literally changing the world — for the better, in my view. That being said, the Internet is huge and complex, and it has attracted a few bad players with its reach and leverage. Companies like ServInt have been on the front lines of fighting that bad stuff for decades — things like child pornography, SPAM and malware.
It’s not enough for companies like ours to fight regulation of our industry. Read more
As part of our ongoing efforts to support Internet privacy and good governance, ServInt is donating the first month of all revenues earned from participating new VPS and dedicated hosting accounts added on Feb. 11 to the Electronic Frontier Foundation. We’re taking this extraordinary step because — on “The Day We Fight Back” against NSA bulk surveillance — we want the world to know we’re serious about our commitment to Internet freedom and fairness. Following is a brief review of just some of the reasons why — reasons that hopefully will show you why you need to get involved, too.
Let’s start by stating the obvious: NSA spying is wrong. It’s wrong because no government should ever monitor all of its citizens’ online activities just because any one citizen might be using the Internet to break the law. If only for this reason, you should join ServInt in observing “The Day We Fight Back” on February 11.
But there is another reason to join in the global crusade against the NSA’s “bulk surveillance” tactics — a reason that has more to do with the real-world impact the NSA’s activities could have on your online business. In other words, if you think legislative and regulatory activism is all about pie-in-the-sky idealism, think again. Here is the real dollars-and-cents reason why you should join us. Read more
The root of the problem is straightforward: not enough is being done to curtail NSA abuses, and the fact that larger steps haven’t been taken clearly shows that the administration does not understand what’s at stake here. I want to explain what we’re fighting for and what you can do to help us fight. First, though, let me set the scene:
Last Friday, President Obama outlined his proposed changes to NSA policies and procedures at a speech given at the U.S. Department of Justice. In his remarks, the President announced minor tweaks to NSA policies on data collection that were trumpeted as big changes, designed to convince the people of the world that they had no reason to fear NSA invasion of their privacy. Like the last time the President spoke about the NSA, this address was given on a Friday before a holiday weekend — the traditional dumping ground for news which our elected leaders would prefer we ignore. All in all, it was deeply disappointing. Read more
The USA FREEDOM Act: NSA Data Collection, the Escalation of Encryption, and Curbing the Digital Arms Race
On October 29, 2013, the USA FREEDOM Act was introduced to end the mass gathering of phone record data by the NSA.
H.R.3361/S.1599 is a bipartisan effort authored by Sen. Patrick Leahy (D-Vt.), chairman of the Senate Judiciary Committee, and Rep. James Sensenbrenner Jr. (R-Wis.) that seeks to curb the mass targeting of communications by American citizens by clarifying the language in Section 215 of the USA PATRIOT Act.
How does this affect you?
ServInt supports the USA FREEDOM Act because the same limitations that the bill places on the phone surveillance activities of NSA apply to other forms of communication, specifically Internet traffic. Not only should this bill get the NSA out of your phone calls, it should get them:
• out of your inbox
• out of your search history
• out of your text logs Read more
For this final post on the history of U.S. Internet regulation, we need to look at one of the broadest pieces of cybersecurity policy out there – broad enough to hit just about anybody in the world. The Computer Fraud and Abuse Act (CFAA) of 1984 and its increasingly liberal interpretation have led to a state of affairs in which most U.S Internet users — you and me included — could be considered felons.
Technology is changing far faster than any government could hope to keep up. One of the many challenges of setting cybersecurity policy is that if you set requirements that are technical in nature into the law they will be outdated by the time they are passed. The law can’t be prescriptive when it comes to cybersecurity, so it ends up turning to broad generalization.
The Computer Fraud and Abuse Act is one of those laws that succumbs to broad generalization. Read more
At ServInt, we are well into our eleventh year selling the cPanel server control panel. We have been an authorized cPanel Partner NOC since 2003, and believe it to be the best control panel on the market.
I don’t think it’s too much to say that we are also the world’s foremost experts in cPanel.
And now we have distinguished ourselves by being the very first web hosting provider to achieve 100% cPanel certification through cPanel University for our support and sales staff.
I believe so completely in the importance of a quality control panel – and in cPanel specifically – that I trained and passed my cPanel certification as well. It seemed like a natural step to maintain the best perspective on providing services to our customers. I was surprised – and honored – when Aaron Phillips, cPanel’s COO, told me that I am the first C-level exec at any company to get cPanel certified.
In an effort to help old and new customers who would like to learn more about how to use the cPanel/WHM control panel package, we’ve put together a joint webinar with our friends a cPanel: “cPanel 101 – Top Features.” The webinar will begin on Sep. 26th at 1pm EDT. Click here to sign up.
To celebrate our 100% cPanel certification, and to meet more of our customers face-to-face, we’re also sponsoring a booth at this year’s cPanel Conference in New Orleans (September 29th – October 2nd) and offering VIP tickets to the conference for our clients. You can Register FREE using the code ServintVIP2013.
I hope to see a you in New Orleans. Look for me at the ServInt booth in the Exhibit Hall or find me after my keynote: “Lessons from 18 years in web hosting.”
Any discussion about PRISM centers around the concept of privacy on the Internet. For my third post on the history of U.S. Internet Legislation, I’ll focus in on the laws that govern our privacy online.
When attempting to ascertain the state of online privacy, there tends to be a lot of talk about law enforcement “abuses.” Having a basic understanding of the laws that serve as the basis for most law enforcement and Intelligence community programs that target online activity can help us determine how, and whether, things need to change.
Let’s start our brief look at those laws by imagining that I’m a U.S. Federal officer and you are an American citizen, and my goal is to go through your underwear drawer to look for suspicious activity. To do that I need a search warrant, signed off by a judge, and generally to get that I need probable cause. The Fourth Amendment to the United States constitution, which prevents unreasonable search and seizure, requires that. The Electronic Communications Privacy Act was written to codify that these fourth amendment rights also exist online. However, certain laws carve out exceptions to the warrant requirement under specific conditions.
Discussion of our privacy rights online center around what the government has and doesn’t have the right to do with our online data. In the wake of PRISM I want to define two categories through which we can explore those legal rights:
- Surveillance that is made possible by the acquisition of a search warrant by law enforcement
- Surveillance that is made possible through an exception to the warrant requirement
Below are a few common legislative acts (not an exhaustive list) that empower law enforcement to get data they seek online. Read more
With the U.S. government’s PRISM program, there has been a lot of talk recently about what the government can and will do with Internet communications. What the government can do is limited by the protections granted under various laws governing the Internet. Some of the most important laws governing protections on the Internet are nearly 20 years old and – when written – were ancillary to much broader legislation.
In 1996, when the Internet was full of promise but of questionable scope, two pieces of United States legislation were passed that helped form the basis of the commercial Internet:
Section 230 of the Communications Decency Act (CDA 230)
The Safe Harbor provisions of the Digital Millennium Copyright Act (DMCA Safe Harbor).
As the Chief Operating Officer of a web hosting company, I take a lot of pride in the work we do. Companies like ServInt are building tools for people who are using the power of the Internet to change the world. Without the protections we receive from laws like CDA 230 and DMCA Safe Harbor, this innovation would not be possible. These two laws are the pillars that hold up the U.S. commercial Internet. Read more
Many of you know that ServInt is deeply involved in the fight for intelligent Internet legislation, through my part-time leadership role at the Internet Infrastructure Coalition. I took on that role for two main reasons: one, I care about the Internet. I believe the internet is fueling a global explosion of empowerment that will ultimately prove more lasting and more significant than the industrial revolution, and I want to do my part to make sure it all unfolds freely and fairly for everybody. Following from that, the second reason is that I care about making sure that as the internet grows, the rights of individuals and small businesses — i.e., the core of ServInt’s customer base — are never left behind. So when I represent the hosting industry in discussions about Internet governance, I’m also making sure that your voice is heard, loud and clear.
Making sure your voice is heard is why I’m here in Durban, South Africa, at ICANN 47 — the conference that sets policies and standards and manages open debate for assigned Internet names and numbers.
Those of you who are familiar with ICANN may be thinking: “hold on, those guys aren’t really concerned with hosting and data centers!” But the truth is that ICANN’s impact on the hosting industry — and the integrity of your businesses — could be huge. Here’s how:
Right now, ICANN is working on a number of things related to domain names that greatly affect hosting providers, like rebooting WHOIS and working on DNSsec. They’re also launching a new generic top level domain (gTLD) system, which could create the biggest new pool of ‘digital real estate’ in the history of the commercial Internet — and they’re working hard to make sure that while doing all this, the Internet and your online business stay stable and secure throughout the process.
Lastly, and perhaps most urgently, ICANN is dealing with how the internet industry will interface with international law enforcement when information requests are filed. Clearly, these are all very important discussions for companies like ServInt, because businesses like yours could be directly affected by these changes.
So what am I doing to help?
To be honest, though I was asked here to speak on behalf of the i2Coalition, I’m spending a lot of my time meeting people and pressing our industry’s case for greater inclusion in the ICANN decision-making process. Your rights — as well as the reliability and affordability of the infrastructure that hosts your online business — need to be protected. The big copyright holders are here already, and they’ve got a seat at the table. Policy makers from developing nations who want to transition control of the internet to a multinational organization like the ITU are here, and they’ve got a seat at the table. We don’t, and I’m here to change that.
The good news is, folks are generally receptive. Most ICANN attendees I talk to aren’t asking “what are you doing here,” they’re asking “what took you so long?” We might have started down this road sooner if we’d known how urgent the mission for ICANN inclusion would eventually be. But we’re here now, and though it may take a while (“multi-stakeholder” organizations like the ICANN move verrrrrry slowwwwly), I am hopeful.