Late January, the U.S. Department of Commerce published a notice of proposed rulemaking for establishing new requirements for Infrastructure as a Service providers (IaaS) . The proposal boils down to a ‘Know Your Customer’ regime for companies operating cloud services, with the goal of countering the activities of “foreign malicious actors.” Yet, despite an overseas focus, Americans won’t be able to avoid the proposal’s requirements, which covers CDNs, virtual private servers, proxies, and domain name resolution services, among others.
This will never fly. Asking ISPs to verify identity is not a thing anyone is capable of doing. I’ve worked for hosting companies for the last 20 years.
Let’s hope not, this sounds absolutely atrocious. Privacy rights are in such a sad state.
I can totally just see my company moving all overseas or regional cloud operations migrating to some awful Equinix DC.
If a law were passed, infrastructure would materialize. Our freedoms cannot depend on the idea no one will step up to make money solving these “problems.”
Unless your ISP is running a cloud service, it wouldn’t be their problem. AWS, Azure, Google etc would be the ones hit with stronger identification requirements.
I’m not talking about residential ISPs.
Which ISPs. Also have hosting.
So don’t all ISPs know their customers. Usually they provide service to your place of residence or work.
Will it still be possible to purchase a VPS in another country and pay with Monero or something? This seems like insane over reach, are theu going to make it illegal for americans to do business with international IAAS providers?
What would keep people living/companies working in the US from moving their infrastructure out of the country and having encrypted tunnels?
Cost. US is the biggest economy in the world and most tech companies are American. They could say if you don’t do this you can’t do business in America. Like cutting off tech companies doing business with China. It stopped non American companies.
