Navigation

Cloud Storage Divided By National Boundaries

By Mitchell Ashley on Thu, 05/22/2008 - 5:49am.

Will national and political interests divide up cloud storage and computing? That topic came up while I was attending Interop last month in Las Vegas during a side conversation with an employee of the Canadian government. He stated that the Canadian government IT organizations were not permitted to use services which stored or hosted the government's data outside their sovereign territory. They especially could not use services where data was store in the United States because of fears over the Patriot Act. Whoa. That brings up reminders of conflicts governments have introduced to the Internet, such as Google cooperating with the Chinese government. The same could happen when your data is stored in the cloud.

What does it mean if your data is stored in the cloud and some foreign government entity might have access to it? If your business records or personal data were stored in China, would it be subject to access by government officials unbeknown to you? Maybe your data is somewhere which you don't know who might have spying eyes into it. I'm trying not to be paranoid or nationalistic here, but this is a topic no one is talking about... yet.

The Patriot Act or similar future laws could put a damper on organizations willingness to use cloud storage within US borders. The same can happen within other countries. I say, the first public example of one of these types of laws being used to access and then prosecute someone will cause a major uproar, here and outside our borders.

So, am I just being paranoid? Or is this a real issue. Post your thoughts.

Safe Harbor program

Useful answer?

By Peter Laird (not verified) on Thu, 05/22/2008 - 8:00am.

This is not an area I understand too well yet, but this is what I understand:

The US+EU's Safe Harbor program allows US companies to certify that they are correctly handling the data of EU citizens. This is to comply with the EU data protection standards. If a US cloud/hosting provider is Safe Harbor certified, I believe they are allowed to maintain EU citizens' data in a US data center. (anyone know for sure?).

I think Canada needs to get on board with a similar program or risk damaging their trade relationships. The US needs to review the Patriot Act as well.

I think Canada needs to get

Useful answer?

By Anonx (not verified) on Sat, 05/24/2008 - 12:50pm.

I think Canada needs to get on board with a similar program or risk damaging their trade relationships.

The US has shown itself to be willing to ignore agreements they have signed at the drop of a hat. Any agreement with the US is worthless these days. With the degree to which the US is muscling Canada to hand over all of our citizens personal information using trade threats and other means to get it.

Canada and any other country would have to be insane to get into an agreement that the US could decide to ignore at any moment.

It is going to take 50 years to unwind the damage done by this administration.

Look at this case, UST and SWIFT

Useful answer?

By Che Kristo (not verified) on Sat, 05/24/2008 - 11:29pm.

A good test case for what is being discussed here is US Dept of Treasury and their intersctions with Belgian funds transfer orgnisation SWIFT after 9/11: start here http://www.privacyinternational.org/article.shtml?cmd%5B347%5D=x-347-546365

Not paranoid

Useful answer?

By Hal (not verified) on Sat, 05/24/2008 - 10:56am.

The patriot act like many embarrassing moments in U.S. history is something to be concerned about.

Anti-Patriot Act

Useful answer?

By mantle (not verified) on Sat, 05/24/2008 - 1:52pm.

This is rather an old news. If you are a service provider serving to non-US companies, your best bet is to move your data center to Canada.

After Patriot Act was passed by US congress, Canadian counteracted (specially BC province) by levying fines for those companies who disclose personal data to US authority without consent.

http://www.cbc.ca/story/canada/national/2004/10/29/patriotact_bc041029.html

Bravo Canada !!

You are not paranoid

Useful answer?

By Jiminy (not verified) on Sat, 05/24/2008 - 2:03pm.

You are not paranoid. This is something I have been worrying about on a few different levels but no one seems to care. I
do not believe that any laws would actually protect my data
from being examined by the US or another government.

Laws like the Patriot Act only emphasize what the government
would do anyway without a law.

Safe Harbour vs Patriot Act

Useful answer?

By Anonimouse (not verified) on Sun, 05/25/2008 - 6:37am.

The question of wether Safe Harbour provisions trump the Patriot Act have not yet been established in court. Further the Patriot act pretty much gags all involved, so you have to risk jail to bring the challenge to court.

Basically, yes you are not

Useful answer?

By Anon123987 (not verified) on Mon, 05/26/2008 - 10:35am.

Basically, yes you are not paranoid.

Read up how the US government treats laptops on border crossings.

So safe harbor or not, from the point of view of privacy legislation, the US are a rogue nation.

Basically, the US are a rogue nation in many areas, like the bully on the playground that only plays by it's own rules.
(please consider the fact that in many cases the US muscles to create legal loopholes, exceptions, and so for itself, but while that might change the legal status of something, it most certainly does not change the moral status.)

E.g. the US govt has been caught more than once with their fingers in the cookie jar. (e.g. SWIFT, laptop data searches on border crossings, Guantamo, all that illegal activities of CIA agents in Europe, torturing prisoners, ...)