After complaining for months, online back-up services supplier Clunk Click has forced a change of heart from the Government over Get Safe Online, its Internet support site for companies and consumers.
Clunk Click had told the Cabinet Office and the Department of Trade and Industry (DTI), which sponsor Get Safe Online, that the four companies it listed as suppliers of online back-up services for small businesses and individuals were all US-based.
UK users making use of such services may be putting their data outside the reach of EU data protection laws, and could be putting their data at risk, pointed out Clunk Click's marketing director, Huw Roberts.
"We have many suppliers of online back-up services in this country, so why list only the US suppliers?" said Roberts.
Get Safe Online has attracted criticism in the past for receiving major sponsorship from companies such as Dell, Microsoft, eBay, BT and Lloyds Bank while claiming to offer impartial advice.
Roberts told ZDNet UK that he was particularly annoyed by the attitude shown by the DTI and the Cabinet Office, which he claims were slow to respond to his complaint.
"We had to get questions raised in Parliament to get their attention, and then they just started listing out name as one of the suppliers without telling us. They just haven't seemed to want to speak to us," Roberts said.
Clunk Click is now listed as a supplier on Get Safe Online, but Roberts says that this was "hardly the point of the exercise".
"We have had a lot of support from other suppliers in our business — many of them competitors — but the real issue if that the advice being handed out should be better," said Roberts. "They just list a bunch of US suppliers, and why are they listing them when we have plenty of good UK companies?"
Roberts points out that after the intervention by Clunk Click, the site has also been changed to include a caveat which reads "firms based outside the EU may not have the same data protection and privacy safeguards as European firms".
This disclaimer effectively means the UK Government advice on online back-up in Get Safe Online is "buyer beware", according to Roberts.
When contacted by ZDNet UK, the Cabinet Office released a statement in which it said that Get Safe Online "does not promote products or services."
"In order to give people tangible information, advice and tools to help keep people safe online, we felt that examples of well-known products which consumers have easy access to should be referred to on the site. There are disclaimers on the site regarding this," the statement continued.
Asked why the back-up systems category had initially only included US firms, the Cabinet Office said that Get Safe Online is "more than happy to include other organisations, where appropriate, to widen consumer choice and market competition".
On the issue of differing data security laws in the US and the EU, the Cabinet Office stated: "It is our understanding that any company operating in the UK is subject to legislation applying to UK businesses. Therefore we expect US companies referred to on the Get Safe Online Web site to incorporate procedures, whether these are external 'safe havens' or internal, to ensure they comply with UK legislation."
Talkback
'but Roberts says that this was "hardly the point of the exercise"'. Roberts is full of clunk.
"We expect" is usually spoken out by decision makers in announcement of their future "oops".
Ofcourse foreign companies will create digital safe havens. That is, until the first government official walks in or anyone else that manages to gain access. Oops, we didn't expect that at the time. Sure.
So what if something changes overseas legally that's not to your liking and you want to remote nuke your overseas (backup) data? Will that help? Nope, because you can't remote nuke the overseas backups of your overseas backup. Interesting question, what if you store your backup on a third-party server within your nation but the third-party organization decides to store backups overseas? Encryption or DRM to the rescue then? Not likely, first of all nothing created so far hasn't been bypassed later on and what if some new (foreign) law forces you to hand over the keys for all the reasons you don't agree with or else?
Maybe, just maybe, with all this (inter)national legal rope pulling and other forms of power games going on there's something to say for keeping things in-house. Closer to home if you will.