Privacy in the Cloud

For many of us, “the cloud” is a nebulous concept, defined in a myriad of ways, with little understood practical application to our lives. But like so many new technologies, cloud computing affects our lives in an unfathomable and different ways.

 

Simply put, cloud computing refers to any information or service stored or fed predominately from a remote data center.  Where computers once stored everything locally–physically on the machine in front of you–now much of our data and even software are stored off-site.

 

One simple example, and perhaps one of the earliest adapters of cloud-type interfacing, is email.  The reason that we can check the same email account at home, work and on our phones is because the associated data are centrally located on a virtual server in the cloud.

 

The cloud has moved far beyond email, offering services and software without any local footprint.  Many of us have shared documents using services like Microsoft’s Office Live Workspace or Google Docs.  All of these services are considered a form of cloud computing.  Today, it’s clear that innovative companies like Microsoft, DropBox, Flickr, Evernote, Apple (with their soon to be announced iCloud) and a host of others are making a push to move everything to the cloud.

 

Why does it matter what data, exactly, is in the cloud?  Because right now, data stored in the cloud is not protected by the same privacy regulations that protect data on our PC.  As cloud computing comes to dominate more of our online lives, consumers could lose more and more of their privacy, and most have no idea it’s happening.  As it stands now, the government can search through anything that has been sitting in the cloud for more than 180 days–all of your emails, pictures, GoogleDocs, hard drive backups done on MobileMe, private documents in DropBox, anything–without a warrant or notice.

 

More than 153 million Americans used some form of web-based email last year, says a ComScore report.  But it goes beyond email, as 22-percent of consumers put personal medical records and information in the cloud, and more than 20-percent put personal financial documents there.

 

Luckily, a proposal exists that could apply the same guarantees of privacy you enjoy for information on your physical computer to much of the information you put in the cloud.  Senate Bill 1011, The Electronic Communications Privacy Act Amendments Act of 2011, introduced by Vermont Democrat Sen. Patrick J. Leahy, makes some big steps toward fixing these problems.  The bill provides a much needed update to the quarter-century old Electronic Communications Privacy Act, by extended the provisions that protect against illegal wiretapping to all information stored in remote data-centers.

 

Sen. Leahy’s bill does a lot of good but, under the Patriot Act, it still provides too many “emergency exemptions.”  A more consumer-friendly solution would include not just Leahy’s bill, but also new transparency and reporting requirements for the use of “emergency exemptions” that allow the government to ignore privacy regulations.

 

Berin Szoka of TechFreedom thinks Leahy’s bill is great progress. “ECPA reform is a win-win: It benefits consumers, law enforcement, and businesses,” said Szoka.  If Sen. Leahy’s new reforms do pass, they will be a benefit to consumers in a couple of key ways.  First, the less ambiguous law would reduce the incentive for companies to locate their data centers overseas, keeping jobs and technology here domestically.  “It also honors our constitutional heritage by clarifying that normal law enforcement access to private data should be subject to the judicial warrant requirement enshrined in the Fourth Amendment,” said Szoka.

 

It’s time that legislators shift their priorities from market regulation that burdens businesses and hurts consumers to legislation that protects the interests of consumers and clarifies the role and boundaries of government in the digital age.

 

Zack Christenson is a Chicago-based digital strategist who writes on tech policy.

facebooktwittergoogle_plusredditlinkedinfacebooktwittergoogle_plusredditlinkedin

Leave a Reply

Your email address will not be published. Required fields are marked *


5 − = three

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>