Some more cloud privacy problems to consider …
In preparing our article about privacy law and the cloud some other possible privacy breaches came to our attention.
Cloud storage can move
Let’s say you setup a cloud service and ensure that the servers are located in a place that’s acceptable to your organization and applicable laws. That’s not the end of it.
Cloud storage can be moved to another server, even another country, without notice. Office 365 seemingly lets you control where your data is stored but in practice Microsoft can move your data to another country without notice. Other companies presumably have similar wording in their terms.
These provisions are reasonable because it allows cloud providers to move data quickly in unexpected situations (like a major server or communications failure) but also opens the door for data migration to allow easier access by governments or other bodies.
Cnet is reporting that the FBI is proposing that Internet services like VOIP, Instant Messaging, Web email and cloud storage be ‘encouraged’ to put in ‘backdoors’ that allow easy surveillance. This would be an extension of the existing US ‘Communications Assistance for Law Enforcement Act’ which applies to telephone companies and broadband networks.
Wiretapping ‘en route’
Another factor to consider is the potential for ‘listening in’ on information as it passes between computers and the cloud storage. This is more difficult but not impossible with government resources.
Using HTTPS to encrypt communications might help but probably would not be a problem for a sufficiently determined and well-resourced listening post.
- Email Immersion and your privacy
- Put cloud files into Windows 7 Libraries
- Privacy law and cloud storage
- What they say about the Patriot Act
- Skydrive and Google Drive
- Google Drive and privacy