From a legal standpoint: Does this now comply with the EU (German?) data privacy laws?
I was told the other day, that using Heroku was a No-No, because you are storing your customer data with a non-EU-compliant company outside the EU. With this, the data resides in the EU. Does this (magically) make my troubles go away?
From the "Safe Harbor Compliance is Coming Soon" section:
Heroku is not yet a registered participant in the Safe
Harbor program. We’ve laid the groundwork for becoming
Safe Harbor certified and expect to have it soon. The
Europe region public beta is designed to let you build
high-performance apps for European users. It does not
currently address data residency or jurisdiction concerns.
You should assume that some portions of your app and its
data will be in, or pass through, datacenters located in
the US.
How close are you to fulfilling those requirements?
I am just asking, because there are quite a few German PaaS providers showing up now. So there seems to be a market.
And it is a real problem when you try to do business with healthcare
Well, IANAL, but they say they are based on Ireland (in Amazon's EC2 servers), so Irish law (which is a subset of EU law) applies to their servers there.
I'm not sure what they keep meaning by "not safe harbour compliant", since the law applies all the time to all people in Ireland....
IANAL either, but note that Heroku is an American company and that probably has implications due to the PATRIOT act. Check out what a Microsoft exec had to say about this: "Microsoft cannot provide those guarantees. Neither can any other company" - http://www.zdnet.com/blog/igeneration/microsoft-admits-patri...
The press releases talk about them not being Safe Harbour yet but it is now much more in progress. Your data may pass through the US still at presently.
I may be more excited about Heroku Fork than I am about the EU region. I've copied apps many many times, it's one of those tasks that I always meant to write up into a script and never got around to. Thanks Heroku!
Is this based in the EU? Or a non EU European country? EU =/= Europe. The blog post keeps mentioning Europe, but a lot of aliases are EU. This is important to figure out what law is applicable. (The graphic implies it's hosted in Ireland)
This is based in the AWS EU datacenter in Ireland. However, as far as the law is concerned, we are not yet Safe Harbor compliant, but are actively working on it.
Sign up for updates to stay informed heroku.com/europe
I work on Heroku, on the databases, which are rather thorny in that department...
...it's going to take some evolution in how applications are written to make that work not uglifically (and it'll probably be ugly at first and for a while), but it's the dream, and I think it'll come to pass over time and with work from many people.
There are literally more Heroku folks in this thread than unaffiliated commenters :P well played.
Personally I'd just be happy with a master-master postgres db or sharding, for $money, where money is some amount enough to make that happen without me worrying about it.
Wow, this is awesome for both DR reasons and performance reasons. Congratulations Heroku! (Hopefully a second US Region and an Asia Region will follow...)
Remarks: I am totally not a lawyer