Global Companies & Cloud Users Powerless Against Patriot Act

Markus Henkel, Geodesist & IT Journalist | 7/11/2011 | 13 comments

Markus Henkel
Arnold Picot, director of the Institute for Information, Organization, and Management at the Munich School of Management, was mistaken when he described the cloud as secure. Talking to Zeit Wissen magazine, he branded fears of a data catastrophe in the cloud as irrational: "The big cloud providers' systems are highly professional, and data security is the basis of their business."

But Professor Picot is only human -- which, as we all know, gives him the right to err. In fact, US authorities have recently been granted access to European cloud data.

Err... just recently? How naïve are we supposed to be?

In early July, Microsoft hit the headlines for all the wrong reasons when its British managing director, Gordon Frazer, admitted that US criminal prosecutors were granted access to customer data, under the US Patriot Act. Accordingly, customers throughout Europe using virtual services provided by Redmond (such as Office Cloud and email) must expect to be probed by the US Secret Service. In actual fact, this issue doesn't just concern Microsoft; it also concerns firms like Amazon, Google, and Apple, to name a few.

Providers based in the United States must hand over data on demand as soon as American security is threatened -- which basically means all the time. In other words, the main purpose of the Patriot Act is to simplify investigations by the Federal authorities in the event of terrorist peril. Fundamental rights are irrelevant, and those being investigated don't even have to be notified. The Patriot Act has been in force since 2006. The right to access data anywhere in the world prompted only little resistance here in Europe at the time. And now? Things have since gone very quiet about this official spying.

But thanks to Gordon Frazer, a storm is now brewing in the cloud. Some data protection campaigners have sounded the alarm. Thilo Weichert, who heads the Schleswig-Holstein Independent Data Protection Center, is one of the most vociferous protesters. He believes this contravenes European data protection legislation. In 2008, I interviewed Thilo Weichert on the subject of Google and data protection. Three years later, one of his answers has lost none of its relevance. He said:

    US law applies -- hence there is, de facto, no data protection. Those who are foolish enough to use Google services because they're free must, or at least ought to, know that they're putting themselves at risk of a data disaster. There are also German providers with free services, which feel bound by German law.

And it's precisely these email data and other services provided by American companies that US authorities have been accessing for years. It's not a secret; it's just not publicized.

Perhaps it will be now? No. Even though the matter's now being talked and written about again, such talk won't necessarily change the law. But the fact remains that Microsoft is one of just a handful of companies to have spoken about this in public. The term "data security" has long been the hallmark of many American companies -- yet US government authorities have much more access to those companies' "secure" data than some Europeans know.

This is bound to annoy data protection campaigners like Weichert, because neither the US government nor the companies that hold data are being upfront about the government's right to spy on users' data. Authorities are filing applications to access data at will, enabling them to produce and combine user profiles and then skim off data. Although companies like Google and Microsoft know this, under US law they aren't allowed to talk about it.

Data protection campaigners, the European Union, and other influential bodies and individuals need to engage in dialogue with the US government and corporate world. After all, what's the use of companies that offer data security and encryption but then reveal everything to authorities on request?! Unfortunately, we can't believe the providers, since they've been gagged by the state and are unable to talk about any such cases in public.

The issue here isn't the spying itself; the issue is that everyone should be entitled to some transparency about these practices. Or maybe the issue, instead, is the naïvety of those using these services, who think that their data is safe in the cloud.

View Comments: Newest First | Oldest First | Threaded View
Page 1 / 2   >   >>
Pablo Valerio   Global Companies & Cloud Users Powerless Against Patriot Act   7/15/2011 11:15:53 AM
NSA spooks win fight to keep secret possible ties to Google
" The National Security Agency does not have to disclose its relationship with Google amid press reports that the two partnered up after hackers in China launched a cyber attack on the U.S. government, a federal judge in Washington ruled. "

http://www.courthousenews.com/2011/07/14/38157.htm
User Ranking: Blogger
fbpmt   Global Companies & Cloud Users Powerless Against Patriot Act   7/13/2011 8:39:49 PM
Re: The outrageous NSLs
@zerox203 -- When the Patriot Act was first issued, it was the vaguest piece of legislature possibly ever written. It gave authorities carte blanche to do just about anything if there was a threat to our national security. Which, of course, included everything.

Pros and cons..
User Ranking: Blogger
Pablo Valerio   Global Companies & Cloud Users Powerless Against Patriot Act   7/12/2011 9:50:33 AM
Re: The outrageous NSLs
I believe I used the following quote in another comment here, but I think is relevant to this issue:
the Court concludes, from its exhaustive review of the statutes and cases as to both the rapidly-developing law of electronic communications and the Fourth Amendment, together with its extensive review of the legislative history and scholarly commentary, that Congress and the Supreme Court still concur in the principle underlying this Opinion: i.e., that law enforcement’s investigative intrusions on our private lives, in the interests of social order and safety, should not be unduly hindered, but must be balanced by appropriate degrees of accountability and judicial review.

THE UNITED STATES DISTRICT COURT FOR THE WESTERN DISTRICT OF PENNSYLVANIA, Magistrate Judge Lisa Pupo Lenihan,  February 19, 2008

 
User Ranking: Blogger
zerox203   Global Companies & Cloud Users Powerless Against Patriot Act   7/12/2011 9:12:02 AM
Re: The outrageous NSLs
this is exactly the kind of piece that needs to be written - something that not many people know about, but that most people ought to. In a political context, this can often end up being a very divisive issue, which surprises me - whatever your extent of faith in your government, and desire to bring ne'er do wells to justice, it goes without saying that some amount of limitations need to be in place to protect personal freedoms.

The only minor quibble I have is that the suggestion here is that the government is already abusing it's ability to get data stored this way, even though we don't necessarily  know the extent of the problem (due to the restrictions on how companies can disclose it). It's certainly subjective whether or not the use of these practices in the first place constitutes an outrage - but regarding it as something with the potential for abuse, rather than abuse in progress, might be a little more fair.
nimanthad   Global Companies & Cloud Users Powerless Against Patriot Act   7/12/2011 12:33:43 AM
Re: The outrageous NSLs
Whatever happens this is a very sad state for cloud, simply because cloud is still an emerging technology which has lots of barriers ahead. They should encourage cloud rather than discouraging by implementing new laws.
Zentropist   Global Companies & Cloud Users Powerless Against Patriot Act   7/11/2011 7:28:30 PM
Re: Does Big Brother start with a G or an M ?
@ Technocrat:

You're welcome. We need an educated populace to understand that for every man or woman willing to go into harm's way for the sake of this country, there are those who in the interest of allegedly gathering intelligence to feed to those "at the tip of the spear," may very well misappropriate what they learn or leverage it to increase their power and for personal gain...

Z.
Technocrat   Global Companies & Cloud Users Powerless Against Patriot Act   7/11/2011 7:09:21 PM
Re: Does Big Brother start with a G or an M ?

 @Zentropist    Wow ! The situation is 1000x worst than my cynical nature could even conjure up !   I did not know about ECHELON , but after a quick search needless to say I am dumbfounded by the implications of such technology waiting to be used “inadvertently” against the populace. Thank you Zentropist for this, I find this fascinating and disturbing at the same time, something I will add to my further read/investigate list !   

Zentropist   Global Companies & Cloud Users Powerless Against Patriot Act   7/11/2011 6:24:06 PM
Zentropist
Re: Does Big Brother start with a G or an M ?
The Patriot Act basically opened the door to the Orwellian Big Brother concept and gave government the right to do whatever it wants in the name of national security. So what are we to do about this ? I don't know to be honest, but I agree with Markus, at least these companies can be transparent about the reality, that nothing is safe with them.

 

Don't kid yourselves, folks. Virtually everything that you do online is potentially subject to interception or appropriation by parties with the technical know-how and ability to access the data, either through official channels or not. And even laws can be bypassed -- look at ECHELON, for example. Technically NSA is not supposed to pull down communications from U.S. citizens without a wiretap. But if one of our English-speaking cousins (the Canadians, British, Australians or New Zealanders) happen to access such information, as part of intelligence-sharing protocols and share it, then technically speaking, U.S. laws were not violated... 

Pretty neat, huh?

Z.
SaneIT   Global Companies & Cloud Users Powerless Against Patriot Act   7/11/2011 3:01:17 PM
Re: The outrageous NSLs
@LadyIT, I suspect Googles decision regading China was two fold, first the alleged attack on Google's network that was directed by the Chinese government and second pressure from the Chinese government to censor data, which doesn't seem to sit well with Google's don't be evil motto.  
LadyIT   Global Companies & Cloud Users Powerless Against Patriot Act   7/11/2011 1:57:04 PM
Re: The outrageous NSLs
It is interesting to see Google pulling out of China to avoid handling data to the Chinese authorities and basically having the same issue at home.

Indeed - good observation, Pabo. Begs the question of whether there is something else Google doesn't like that's going on in China - or whether the issue is who they trust will handle the data is the most judicious manner.

And no, I don't feel good about this, no matter who the receiver is. Will be interesting to track this and see if any changes occur as a result.



User Ranking: Blogger
Page 1 / 2   >   >>


The blogs and comments posted on EnterpriseEfficiency.com do not reflect the views of TechWeb, EnterpriseEfficiency.com, or its sponsors. EnterpriseEfficiency.com, TechWeb, and its sponsors do not assume responsibility for any comments, claims, or opinions made by authors and bloggers. They are no substitute for your own research and should not be relied upon for trading or any other purpose.

More Blogs from Markus Henkel
Markus Henkel   4/25/2011   39 comments
Android or iOS? When the HTC Dream (a.k.a. T-Mobile G1) was conquering the US market in 2008, I actually opted for the Apple iPhone, and hence for iOS. But three years down the line, I was ...
Latest Archived Broadcast
Ist Ihre Infrastruktur auch veraltet und nicht zukunftsfähig? Das Arbeiten in der Cloud wäre die Lösung, aber viele Firmen haben den Übergang zur Virtualisierung und die Cloud verpasst.
E2 IT Migration Zones
IT Migration Zone - UK
Why PowerShell Is Important
Reduce the Windows 8 Footprint for VDI
Rethinking Storage Management
IT Migration Zone - FR
SQL Server : 240 To de mémoire flash pour votre data warehouse
Quand Office vient booster les revenus Cloud et Android de Microsoft
Windows Phone : Nokia veut davantage d'applications (et les utilisateurs aussi)
IT Migration Zone - DE
Cloud Computing: Warum Unternehmen trotz NSA auf die „private“ Wolke setzen sollten
Cloud Computing bleibt Wachstumsmarkt – Windows Azure ist Vorreiter
Like Us on Facebook
Twitter Feed
Enterprise Efficiency Twitter Feed
Site Moderators Wanted
Enterprise Efficiency is looking for engaged readers to moderate the message boards on this site. Engage in high-IQ conversations with IT industry leaders; earn kudos and perks. Interested? E-mail:
moderators@enterpriseefficiency.com
FRENCH ASSETS
GERMAN ASSETS
VIDEOS
WINDOWS CLIENT
WINDOWS SERVER
A Video Case Study – Translational Genomics Research Institute
e2 Europe Video


On the Case
TGen IT: Where We're Going Next

7|11|12   |   08:12   |   10 comments


Now that TGen has broken new ground in genomic research by using Dell's storage, cloud, and high-performance computing solutions, the company discusses what will come next for it and for personalized medicine.
On the Case
Better Care Through Better Communications

6|6|12   |   02:24   |   12 comments


The achievements of the TGen/Dell project could improve how all people receive healthcare, because they are creating ways to improve end-to-end communication of medical data.
On the Case
TGen IT: Where We Are Now

5|15|12   |   06:58   |   5 comments


TGen is breaking new ground in genomic research by using Dell's storage, cloud, and high-performance computing solutions.
On the Case
TGen IT: Where We Were

4|27|12   |   06:45   |   10 comments


The Translational Genomics Research Institute wanted to save lives, but its efforts were hobbled by immense computing challenges related to collecting, processing, sharing, and storing enormous amounts of data.
On the Case
1,200% Faster

4|18|12   |   02:27   |   12 comments


Through their partnership, Dell and TGen have increased the speed of TGen’s medical research by 1,200 percent.
On the Case
IT May Improve Children's Chances of Survival

4|17|12   |   02:12   |   8 comments


IT is helping medical researchers reach breakthroughs in a way and pace never seen before.
On the Case
Medical Advances in the Cloud

4|10|12   |   1:25   |   5 comments


TGen and Dell are pushing the boundaries of computing, and harnessing the power of the cloud to improve healthcare.
On the Case
TGen: Living the Mission

4|9|12   |   2:25   |   3 comments


TGen's CIO puts the organizational mission at the heart of everything the IT staff does.
On the Case
TGen Speeding Up Biomedical Research to Save More Lives

4|5|12   |   1:59   |   8 comments


The Translational Genomics Research Institute is revamping its computing to improve speed, storage, and collaboration – and, most importantly, to save lives.
On the Case
Computing Power Helping to Save Children's Lives

3|28|12   |   2:13   |   3 comments


The Translational Genomics Institute’s partnership with Dell is enabling them to treat kids with neuroblastoma more quickly and save more lives.
Sara Peters
Cloud SLAs a Mystery to Users

2|28|13   |   1:15   |   10 comments


A credit card may buy your users cloud services, but it doesn't buy them an understanding of SLAs and privacy compliance.
Sara Peters
Date Set for Next McKinnon Extradition Epic Fail

9|10|12   |   3:11   |   16 comments


The next episode in the 10-year saga of the "UFO hacker" extradition battle will happen Oct. 16.
E2 Interview
Can IT Help Fix the Global Economy?

6|8|12   |   02:32   |   2 comments


We ask CIO Steve Rubinow whether today's IT can help repair the global economy (and if IT played any role in the economy's collapse).
Ivan Schneider
The Infrastructure With the Dragon Tattoo

7|21|11   |   2:54   |   1 comment


Nasdaq OMX is being investigated by Swedish competition authorities as to whether it pressured Verizon to keep a competing exchange called Burgundy from collocating in the same datacenter as its biggest customers.