Ask HN: Why not have an EU browser?

7 points by osigurdson ↗ HN
I've been wondering, why don't we have a chrome fork that only accepts sites hosted in the EU? If a site is hosted in the EU then it can be fully regulated by the EU.

This would make it easier for citizens to know that their data is is safe (according to EU standards) and avoids the regulatory complexities of trying to enforce rules in other countries.

Thoughts?

11 comments

[ 4.4 ms ] story [ 31.0 ms ] thread
A very large proportion of EU/EEA websites are hosted outside EU/EEA or using companies from USA.

The user experience would be somewhat poor.

Who would use it?

Like, if you are in Germany and want to travel to the UK then you need to use a UK site to get an Electronic Travel Authorization. UK is not in the EU, so you'll need another browser.

Norway and Switzerland are also not part of the EU.

And then there's something odd about thinking that if you connect to Facebook's data center in Ireland then that interaction with Facebook is fully regulated by the EU and the data is safe.

Nor is it like EU-based servers are automatically outside the reach of the US CLOUD Act, if the server is operated by a subsidiary of a US company.

Let's step back for a second and analyze your proposal by breaking it down. The first issue I came across is what's the definition of 'site hosted in the EU', ie. how a browser would check that? Let's analyze what options we have (not saying the list covers everything):

1. Do ASN scan of the IP where the DNS entry for that webpage points to

2. Analyze the web resources the page is referring to (much the way urlsca.io does)

If I was implementing that, then with 1. I would probably immediately hit the issue of some/most of the pages being behind a proxy (cloudflare, etc.). With 2. if you had Google Analytics tag on it (and most of the pages do?), then it would show a lot of references to the US.

My point is, that it might be hard to implement not only becasue of whether it makes sense, but also because of: how would you do it?

If you were thinking the way for instance broadcasting companies restrict their content based on where you try to watch a movie from (they only allow certain countries), then I think that's a totally different setup.

Actually I started thinking about the idea you are proposing a lot, but in a more general way. With all the recent development in geopolitics, on whether I can have all the data and technology in EU. The natural move was to verify how much of the solution I already have, ie. host the data itself on Hetzner Cloud. But I think EU is still far behind when it comes to the glue, ie. the software part and the analytical part. Practically every company needs some sort of tracking and most of those solutions that we currently have immediately put you outside of EU.

I am currently experimenting for instance with umami to swap out Google Analytics. They have a solution that you can self-host. But again, this is some effort compared to ready off the shelf GA that 99% of companies probably would use.

I thought any website that wanted to operate in the EU had to follow EU regulations. How well this is enforced is another question.
(comment deleted)
The browser isn't the problem — it's the default. Most people never change defaults regardless of what's available. An EU browser solves a distribution problem, not a technology one.
The idea is good, but I think it has voids

A company can host servers in different location and serving in different location. Server location ≠ data jurisdiction

What does GDPR says? it applies based on who processes data about EU residents, not where servers sit.

It Could also break internet for EU users.

Massive amounts of users in EU uses Wiki, GitHub, and even most of the open source infrastructures are hosted outside EU

Why not have an EU-blockchain where transactions and staking are taxed and fund EU-defense and EU-whatever - including software development (eg browsers.)

USA could have Pax-Americana chain - and governments could offer tax discounts to those that use it. Maybe just a "Pax chain" but with different, officially-sanctioned tokens and even sub-tokens based on geographies or alliances?