Securing Nebulous Privacy Rights in the Cloud - Miller-McCune
The swelling of the online data “cloud” is driving an info-privacy cold war between U.S. tech companies demanding freer movement of data in cyberspace, and European Union states that want the amorphous cloud better regulated. Is there a middle way?
In April 2010, the German government faced off with Facebook when the latter said it would sell its private user data to third parties. “What is private must stay private,” Ilse Aigner, the German minister of consumer protection, stated plainly in a letter to Facebook founder Mark Zuckerberg. “Unfortunately, Facebook ignores this principle.”
Most believed the social network behemoth immune to such criticism. For The Economist, Aigner’s “snarl at Mr. Zuckerberg” was a “shot [that] will not do much damage to Facebook.”
But these days, Facebook is in a lather over privacy, giving users greater control over their own data and projecting a policy of greater transparency on how the company uses private information. At its core, this reflects escalating tensions over data privacy in the age of cloud computing.
The standoff between Germany and Facebook hinges, in part, on the murky jurisdiction of the transnational data storage cloud, that nebulous cyber data storage space. The cloud is helping businesses big and small, as well as government, store, back up, and archive data cheaply, and to “virtualize” by accessing software.
Leading providers of cloud services — like Amazon, Salesforce, and Microsoft — look forward to massive expansion as most social media images, chat records, e-mails, even Web browsing histories, are swirling around in the cloud. It makes sense, since this data is stored in and accessed from warehouses full of servers — often in Asia or the United States — at much lower costs than building the hardware infrastructure locally. But as a result, a message sent between a computer in Hamburg to one in Dusseldorf could wind up on a server in California, while its response might end up in Mumbai. This is why the cloud confounds the issue of data sovereignty — it’s hard to say which nation or jurisdiction rules over data at any one time.