Tag Archives: cloud

Is Privacy in the Cloud only an illusion?

Is Privacy in the Cloud only an illusion? Technewsworld.com thinks so. They published a large article today arguing that “Laws around the world allow governments free access to data in the cloud. What may come as a surprise is that Mutual Legal Assistance Treaties facilitate cooperation across international boundaries. Under these MLATs, the U.S. and EU member states allow law enforcement authorities to request data on servers of cloud providers located in any countries that are part of the MLATs.”

If you ask me, the article brings nothing new under the sun, as it is built on the conclusions of Hogan & Lovell’s White Paper published in May this year (you can also find it on this blog).

Regarding the main topic, my comment would be that your personal data in the Cloud is as secure as your personal data deposited in any other way, from a governmental access point of view. The laws that allow governments to have access to personal data on account of fighting terrorism are not especially made for the Cloud, but for all sorts of information, personal data, mere anonymized data or whatever data you could think of, stored anywhere and by whoever.

However, what complicates a bit privacy things with the Cloud is that the effort made by governments to have access to data stored there is perhaps smaller than it would be to travel to a certain address and grab a certain device which contains data.

It is also possible I am terribly wrong by not taking into account information I do not know. If you have thoughts about this, or more information, please leave a comment 🙂

New research shows that most Western governments have access in the cloud, not only the US government

In a White Paper (“A Global Reality: Governmental Access to Data in the Cloud”) published by Hogan Lowells, which you can find HERE, a not so surprising conclusion arises:

The White Paper reveals that every jurisdiction examined vests authority in the government to require a Cloud service provider to disclose customer data. It explains why the access provisions of the USA Patriot Act are narrower than commonly thought.

The White Paper also reveals that, unlike in the United States where the law specifically protects cloud data from access by the government without legal process, data stored in the Cloud may be disclosed to governmental authorities voluntarily in some jurisdictions, without legal process and protections.

You can find the original news HERE.

I have no idea if the US government had anything to do with this study, but it’s definitely worth to have a look into the White Paper. It is indeed the US government that most of the privacy aware individuals accuse of being over-intrusive, especially after the enactment of the Patriot Act. However, it comes with no surprise that other governments have wide access to data stored in Clouds.

On the other hand, it remains a fact that the US has no unitary legal mechanism for protection of personal data, unlike the European countries analyzed in this report, which are bound by several European Union directives and by Art. 8 of the Charter of Fundamental Rights of the European Union to protect the right to the protection of personal data. This right of course has its limitations, and public interest in various forms is the most important one. There are also exceptions regarding journalistic purposes or research purposes.

It should also be noted that the Obama administration has made some efforts into this direction, by publishing this year the Consumers Privacy Bill of Rights, even though its provisions are not directly applied in disputes but are meant to guide the enactment of further legislation in this field and self-regulatory statues of companies.