Skip to content

More cloud privacy problems

Some more cloud privacy problems to consider …

In preparing our article about privacy law and the cloud some other possible privacy breaches came to our attention.


Cloud storage can move

Let’s say you setup a cloud service and ensure that the servers are located in a place that’s acceptable to your organization and applicable laws. That’s not the end of it.

Cloud storage can be moved to another server, even another country, without notice. Office 365 seemingly lets you control where your data is stored but in practice Microsoft can move your data to another country without notice. Other companies presumably have similar wording in their terms.

These provisions are reasonable because it allows cloud providers to move data quickly in unexpected situations (like a major server or communications failure) but also opens the door for data migration to allow easier access by governments or other bodies.


Backdoors

Cnet is reporting that the FBI is proposing that Internet services like VOIP, Instant Messaging, Web email and cloud storage be ‘encouraged’ to put in ‘backdoors’ that allow easy surveillance. This would be an extension of the existing US ‘Communications Assistance for Law Enforcement Act’ which applies to telephone companies and broadband networks.


Wiretapping ‘en route’

Another factor to consider is the potential for ‘listening in’ on information as it passes between computers and the cloud storage. This is more difficult but not impossible with government resources.

The infamous case of Room 641A in San Francisco is just one known example of what governments can do. According to Wired the NSA Is building the US’s biggest spy center.

Using HTTPS to encrypt communications might help but probably would not be a problem for a sufficiently determined and well-resourced listening post.

About this author