A Wellington tech activist is helping NGOs and individuals move their data off US servers and into data centres in Iceland and Switzerland, citing fears the Trump administration could exploit digital infrastructure.
Julian Oliver, from the cybersecurity firm Nīkau, has been moving data into secure data centres in countries known for their robust data-protection laws.
“This fresh anxiety is not without some basis. Vast swathes of civilian data are already being handed over to the Trump administration to exploit,” he told Q+A.
His consultancy didn’t comment on who exactly it was helping onto secure platforms.
“Our clients used to be environmental defenders and human rights groups,” he explains, but the net was now wider.
“You may think that’s fighting for human rights in a war-torn country but NGOs working with immigrants are under threat [in the US.]
“They may be lawyers working with illegal immigrants who face mass deportation.”
Oliver and his partner moved the data to centres in Iceland and Switzerland.
“After deployment, we train up the group-nominated system administrator to run that infrastructure. The keys are then flipped, we are locked out, and they sail off on their own.”
Oliver recently returned from two decades in Europe where he was known as a “good hacker”.
“I don’t give myself that label,” he said, “but happy for it to be ascribed. Not all hackers are sitting in dark rooms in hoodies and tats.”
He now describes himself as a digital infrastructure activist, urging people to understand that data and internet infrastructure were inherently political. Oliver said it was not just individuals and NGOs concerned about stolen data, but whole countries.
Under the US President’s first term, his administration passed what was known as the CLOUD Act. The legislation allowed federal law enforcement to legally compel US-based tech companies to provide data stored on their servers — stored stateside or abroad.
The law received support from the US Justice Department and major technology companies. Its supporters backed the bill on national security grounds.
In June, the French Senate called in a Microsoft France executive to ask whether he could guarantee the US company would not hand over French data to US authorities.
Under oath, Anton Carniaux said he couldn’t guarantee data wouldn’t be given to the Americans. “Europe has really been shaken by that,” opined Oliver.
The tech activist said he would love to bring the data into servers housed in New Zealand, but at present that was not possible.
“We need to understand the distinction between data sovereignty and data residency.”
“There are 55 data centres now in New Zealand. We wouldn’t move data into the big Amazon and Microsoft centres, of course.
“Then, you have other Aotearoa New Zealand owned data centres but we are part of Five Eyes and Five Eyes is basically about data sharing and surveillance.”
Oliver contends that New Zealanders do not talk about data sovereignty enough.
He said 40% of our public service data is kept on servers in Australia and we are connected to world via undersea cables, which makes New Zealand vulnerable.
Both Russia and China now had the ability to cut undersea cables, and Russia had previously been accused of doing so in the Baltic Sea.
“Heaven forbid if we have a world war, our cables could be snipped cutting us off all together. We can’t function. We [would] grind to a halt”.
For reporter Whena Owen’s full story, watch the video above
Q+A with Jack Tame is made with the support of New Zealand On Air
