Life in a cloud
p2pnet news view P2P | Politics:- Canada’s federal privacy commissioner today announced a new consultation initiative aimed at discovering what Canadians think about online tracking, profiling and targeting.
However, there’s a second campaign planned, this time on privacy issues emerging from the growing movement toward cloud computing.
Google, Microsoft, Yahoo, et al, are all for it, which immediately sets alarm bells ringing.
In the cloud, IT power is “delivered over the internet as you need it, rather than drawn from a desktop computer,” explained the Guardian a couple of years ago when interest in the concept was increasing.
It went on >>>
But Richard Stallman, founder of the Free Software Foundation and creator of the computer operating system GNU, said that cloud computing was simply a trap aimed at forcing more people to buy into locked, proprietary systems that would cost them more and more over time.
“It’s stupidity. It’s worse than stupidity: it’s a marketing hype campaign,” he told The Guardian.
“Somebody is saying this is inevitable – and whenever you hear somebody saying that, it’s very likely to be a set of businesses campaigning to make it true.”
Yesterday, Canadian DPI expert Christopher Parsons emailed us about an article he’d seen in CNet.
It’s good, he said, but the article it links to “is truly great; it engages in a decent 4th amendment analysis of cloud computing, with the conclusion being that cloud environments, where passwords are required to access stored information, should be treated as a tenant/landlord relationship and thus deserving of 4th amendment protection.
“Whether such protection will manifest, of course, is another matter entirely.”
Today, “CNET has up a blog post examining the question: does the Fourth Amendment apply to data stored in the Cloud?” – says kdawson in Slashdot, going on >>>
The US constitutional amendment forbidding unreasonable searches and seizures is well settled in regard to the physical world, but its application to electronic communications and computing lags behind. The post’s argument outlines a law review article (PDF) from a University of Minnesota law student, David A. Couillard.
“Hypothetically, if a briefcase is locked with a combination lock, the government could attempt to guess the combination until the briefcase unlocked; but because the briefcase is opaque, there is still a reasonable expectation of privacy in the unlocked container.
In the context of virtual containers in the cloud … encryption is not simply a virtual lock and key; it is virtual opacity. … [T]he service provider has a copy of the keys to a user’s cloud ’storage unit,’ much like a landlord or storage locker owner has keys to a tenant’s space, a bank has the keys to a safe deposit box, and a postal carrier has the keys to a mailbox. Yet that does not give law enforcement the authority to use those third parties as a means to enter a private space. The same rationale should apply to the cloud.”
“We might wish that the courts interpreted Fourth Amendment rights in this way, but so far they have not,” the Slashdot post adds.
..… and identi.ca
p2pnet music downloads – and stuff
consultation initiative – Data mining consultations start today, January 19, 2010
Guardian – Cloud computing is a trap, warns GNU founder Richard Stallman, September 29 , 2008
Slashdot – The Fourth Amendment and the Cloud, January 19, 2010
Use free p2pnet newsfeeds for your site. Subscribe to p2pnet.net | | rss feed: http://p2pnet.net/feed
Net access blocked by government restrictions? Use Psiphon from the Citizen Lab at the University of Toronto. Go here for details.
January 19th, 2010 at 3:52 pm
https://ssd.eff.org/3rdparties/protect/storage
As we already described in the “What Can The Government Do?” section, the communications stored by your communications service providers are very weakly protected compared to those you store yourself: after 180 days (or after you’ve downloaded a copy, according to the DOJ), the government can get those communications with only a subpoena and usually with no notice to you. But the situation is even worse when it comes to data that you store with someone other than your communications provider — so called “remote computing services” (RCSs). Under the Stored Communications Act, the government can obtain data that you send to an RCS for storage or processing with only a subpoena regardless of how old it is, and although the government is supposed to notify you before they do, the law makes it very easy for investigators to delay that notice until after they’ve gotten your data.
Therefore, storing all that data yourself, on your own computers — without relying on RCSs — is the most legally secure way to handle your private information. If you do choose to store copies of your files online, though, we strongly recommend encrypting those files yourself before you do (visit our article on disk and file encryption to learn how), or using services like IDrive or MozyPro that give you the option of encrypting your files using your own private encryption key.
- but if you store it encrypted in the cloud, STORAGE becomes the only real purpose of the cloud. Why bother for anything else like Google Docs?