Privacy of the Cloud? If you do unto others, they might just do unto you.

Published on August 1, 2014 By DrJBHL In Personal Computing

MS lost a battle in its strong consumer based stance regarding stored data. In short, MS has come out many times in its unyielding stance regarding data privacy. However, a New York District Court Judge has ruled a warrant ordering MS to deliver data stored in Ireland (outside the Court’s jurisdiction) legal. The reason for the request for data was not given publicly.

MS intends to appeal this decision and therefore the Judge agreed to suspend the ruling until the appeal is ruled upon. The Judge explained, “It is a question of control, not a question of location of that information.” So, although I’m not a lawyer, it would seem to me to be both.

The implications of the Judge’s rulings are huge…not just for MS, but for Amazon and Google as well. It would mean that data, no matter what it might be, is subject to U.S. government scrutiny no matter where it’s stored. It would be a serious blow to Cloud based enterprise, and would cause companies to reconsider using the Cloud for enterprise. It would also encourage transferring the burden of data storage to local data farms, seriously affecting the big data storage companies business models. It might also cause U.S. companies to do the same, creating shell entities in foreign countries just to store data there.

It is also uncertain how foreign governments will react to this. Their concepts of location and control might not jive with those of the U.S. District’s Court Judge.

This comes on the heels of several U.S. companies’ reports of business decline since Snowden’s revelations of NSA data collection techniques. Cisco, Qualcomm, IBM, MS and HP reported declines in China sales since the Snowden leaks. European Data storage companies were quick on the uptake and profited from the revelations. It was estimated that the leaks could end up costing $22-35 billion over the next three years, and if this ruling stands, those losses will only increase.

The essential problem revolves around connectivity. The fact that MS or a customer can press a button in Oklahoma and retrieve data stored in (say) Italy plays havoc with the old ways of thinking about the Fourth Amendment, the concept of jurisdictions, the power of U.S. Courts and the U.S. government. Connectivity and availability are being confused with actual physical location. Also, if a corporation is a person and that person owns a house in another country, is a U.S. search warrant executable in that other country? The case of “Megauploads” comes to mind and why it was thrown out of Court and the search ruled illegal by the New Zealand High Court.

OK…now the stinger. Let’s say U.S. search warrants become executable on data stored abroad. Well, will foreign data stored in data farms in the U.S. become equally searchable by foreign governments?

What bothers me most about this is that it pretty much destroys any concept of privacy for companies and individuals, if it’s allowed to stand. It also might compromise the security of us all if it isn’t. Something to think about.

Sources:

http://www.theguardian.com/technology/2014/jul/31/microsoft-must-handover-overseas-emails-judge?

http://www.neowin.net/news/microsoft-has-lost-a-battle-for-data-privacy-with-us-courts-but-the-fight-is-not-over

Comments

Chibiabos

on Aug 01, 2014

I'm a bit baffled that anyone thinks data stored on a cloud is private, given a number of companies including Microsoft and Google are widely believed to datamine user files for their own market control purposes. MS has certainly not been a strong advocate for security, private property nor data privacy when it comes to how it regards its customers and its increasingly incomprehensible EULAs. They no longer sell 'software' but 'licenses' which is a legal dodge against liability for pushing out defective products, they essentially grant themselves unlimited access to customers' computers and files and can and do disable computers owned by their paying customers with legally purchased copies ... sorry, licenses ... of their operating system software, they were found guilty of antitrust laws but have never expressed remorse nor even acknowledged fault, they had no concept of why anyone would be concerned about their plan to have always-internet-connected cameras that they control on their gaming boxes (even when the consoles are turned off) and they advocate for tax dodging and overseas tax shelters as much as any other corporation while complaining the U.S. does not have enough qualified college graduates (gee, how does education get paid for again...?).

I am certainly not arguing that what the government is doing is right here, but I am arguing against the claim that Microsoft has nobly persisted in an 'unyielding stance regarding data privacy.' I truly cannot comprehend the libertarian lasseiz-faire attitude that any government regulation is evil, but any and all tyranny by un-elected corporate plutocrats is fine, so long as it is done in the name of capitalism.

DrJBHL

on Aug 01, 2014

Chibiabos

reply 1

Just to clear things up from the get go: First of all, I'm just reporting and not taking MS's side...If anything, I'm a privacy advocate, certainly not an advocate of "Laissez faire".

Second, MS's motive is profit, but that would obligate a strong privacy stand...how else could they sell their product? They have not been shy about it either: http://www.neowin.net/news/microsoft-hits-back-against-government-surveillance-highlights-commitment-to-privacy and http://www.neowin.net/news/microsoft-vp-brad-smith-among-tech-execs-to-meet-with-president-obama-tuesday

just as examples. MS has stated it does not data mine, I do not know how accurate that statement is, but certainly Google and Amazon do but not personal identifiers (supposedly).

Third, I have written many times that private and especially financial data should not be stored in the Cloud setting.

The issue I actually wanted to bring forward was not just how this was killing business, but also the more fundamental issue of privacy which I do believe in very strongly, as should we all.

myfist0

on Aug 01, 2014

Interesting report. Thanks Doc,

moshi

on Aug 01, 2014

an article from 1999: "How NSA access was built into Windows":

http://www.heise.de/tp/artikel/5/5263/1.html

yes, if you want your date to be safe from your government, you'd have to think not only about the physical location of the servers, but also the location of the service provider. so if you're Chinese, better stay away from Baidu Pan, and if you're American think twice about using OneDrive.

Uvah

on Aug 01, 2014

Solution: Don't put stuff out there. Keep it where it is really safe, on an external drive with zero connections to the net and zero ability for wannabe's to access it. Especially financial and personal data! I don't and never will.

ElanaAhova

on Aug 01, 2014

Uvah

reply 5

I'm with Uval on this. I unplug my pc's web connector when not on line, and when PC is off. Too many stealth bots can turn your PC on at a predetermined time, and if web access can be enabled, it might be. Turn PC off, unplug it. Storage, on external drive that is physically disconnected from PC .

@Doc: BTW, Seth, I think the legalese regarding question of storing data in 'offshore databanks' being immune to U$A law is easily countered. Data ~ money (digital). If the info was/is from a source in U$A (or areas under U$A jurisdiction), then the argument can be made, that the info, at some point, traveled on wires/airwaves/sats within the U$A areas before ending up in overseas databank. If the U$A govt wants it - they will get it.

@Chibiabos: "... I truly cannot comprehend the libertarian lasseiz-faire attitude that any government regulation is evil, but any and all tyranny by un-elected corporate plutocrats is fine, so long as it is done in the name of capitalism." I agree.

But, I do comprehend it. Its about power. Power to pervert the rule of law into a from that makes it easier for unbridled greed to run amok no matter who suffers or is screwed. Ever wonder why there are so few loan sharks in business these days? They can't compete with big banks and credit card companies. No longer does "Joey the Hammer' have to come and readjust your kneecaps. No. Instead, the U$A marshal and the local police will come and evict you, take your home (or your farm), etc. [GOP = Greedy Old Plutarchs] [Dems ain't much better, either].

starkers

on Sep 03, 2014

Cloud... should only be for holding rain and providing a bit of shade from the hot sun.

Other than that, shove it.

Welcome Guest! Please take the time to register with us.
There are many great features available to you once you register, including:

Richer content, access to many features that are disabled for guests like commenting on the forums.
Access to a great community, with a massive database of many, many areas of interest.
Access to contests & subscription offers like exclusive emails.
It's simple, and FREE!