Remix.run Logo
Remix clone Hacker News
new | show | ask | jobsGithub
pimterry 6 days ago

> Hell, you can host actual frontier models (e.g. Claude 4) on AWS Bedrock in the EU, so "in the EU" (from a hosting perspective) cannot be Mistral's USP.

I've seen zero cases so far where "physically present & managed in the EU but still owned by a US company" is sufficient to mitigate the typical US hosting concerns.

The threat is that AWS could be forced to a) suddenly pull services or b) spy on data by the US administration. That the DC is located entirely in the EU does nothing to reduce that risk if it's still fully owned by Amazon.

The was already a major concern for the last couple of years given the successful legal challenges against the privacy shield as sufficient data protection to give personal data to US organizations, and is way more of a concern after issues like Karin Khan and the ICC being suddenly cut off by Microsoft - it's clear that US companies literally can & will suddenly block key business services on administration whims. There's plenty of organizations where that's unacceptable risk.

epolanski 6 days ago | parent | next [-]

> I've seen zero cases so far where "physically present & managed in the EU but still owned by a US company" is sufficient to mitigate the typical US hosting concerns.

I did. Some of my clients by design host everything on German servers of Azure and call it a day.

f_devd 6 days ago | parent | next [-]

To be fair Microsoft has put the most effort[0] of any US company I've seen in order to try and work around the issue. Not that I would choose it.

[0]: https://www.microsoft.com/en-us/trust-center/privacy/europea...

sunaookami 6 days ago | parent [-]

As long as the CLOUD act exists (which to their credit Microsoft fought) there is no privacy as long as there are US companies involved.

ta20240528 6 days ago | parent | prev | next [-]

Then your customers are morons, let me explain:

1. the USA has secret FISA courts - defendants cannot even say they whether they were summoned, let alone what case or judgements were

2. the CLOUD Act compels American companies to hand over data, regardless of where its hosted.

So your German companies would never even know if they have been compromised.

But ignorance can be bliss.

pyrale 6 days ago | parent | prev | next [-]

> Some of my clients by design host everything on German servers of Azure and call it a day.

Accepting the risk isn't the same as finding a way to mitigate it. Plenty of EU companies just happily use US cloud providers, that doesn't mean the risk doesn't exist.

croes 6 days ago | parent | prev [-]

Did you correct them or do you wait until they get a warning letter from some shady law firm for violating GDPR?

epolanski 6 days ago | parent [-]

This is beyond my paycheck and responsibility to be honest.

jansenmac 6 days ago | parent | prev [-]

Microsoft didn't cut off Karim Khan. https://www.politico.eu/article/microsoft-did-not-cut-servic...

pimterry 6 days ago | parent [-]

That's not what that article says - it says they didn't completely cut off service to the entire ICC. The headline is confusing, but the quotes are pretty clear:

> A Microsoft spokesperson said that it had been in contact with the court since February “throughout the process that resulted in the disconnection of its sanctioned official from Microsoft services."