CLOUD – obscuring your privacy
Shortly after September 11th of 2001 I traveled to Brazil, as I had done for many years before and have done for many years since then. However on this trip I had a very sad message to give to my Brazilian friends: “I am sorry, but you can not trust the United States any more.”
The reason I gave this message to the Brazilian people was that my country had passed the first of many laws that reduced the privacy rights of people around the world. That first law was called “The Patriot Act”, and if was a direct attack on the Fourth Amendment of the US Constitution. In the name of trying to suppress terrorism, the government weakened (some people would say eliminated) the protection granted to citizens of needing a court order or subpoena for searching your property.
I knew what the Patriot Act could mean, but it was only after a couple of years that the proof came to light. Through a disclosure by Edward Snowden it was discovered that the NSA of the United States was monitoring President Dilma’s (the president of Brazil) email. After that I wrote an open letter to President Dilma saying “I told you so.”
Over the years I (and many others) have hoped that the Patriot Act would have been tempered and greater privacy protections and oversights would have been built in, or that the most controversial parts of the Patriot Act (that was supposed to expire in 2015) would indeed expire. Unfortunately that has not been true, and the Patriot Act (and some of its sisters such as the “Foreign Intelligence Surveillance Act (FISA)” and the “Uniting and Strengthening America by Fulfilling Rights and Ending Eavesdropping, Dragnet-collection and Online Monitoring Act (USA FREEDOM Act)” both strengthened some of the worst parts of the Patriot Act, or extended them.
The recently passed “CLOUD” legislation was another step forward (or backward, depending on your point of view) to access data that would normally be protected by laws of different countries. In short, the US based law’s intent was to clarify and “streamline” access to data held in servers outside of the USA by USA based cloud companies. Previously the laws surrounding the surrender of this data was made “cloudy” (pun intended) by whether or not the data was actually protected by the privacy laws of the country in which the data resided. As an example, if the USA government wanted data on one of its citizens that was being held in Ireland, then the privacy laws of Ireland might prevent the data from being given to the government of the USA.
There were ways of working this out. An existing set of Mutual Legal Assistance Treaties (MLATs) allowed the United States Government (and other governments) to work together to deliver the information needed that would respect both government’s privacy laws. However, the USA wanted to “streamline” this more and thus the “CLOUD” legislation that allows pre-negotiated contracts between countries, and giving cloud providers only 14 days to object to these requests with what has been described as a complex “comity” analysis.
In addition, this “CLOUD” legislation opens up the possibility of other countries who value privacy even less than the United States, using these mechanisms to gain access to USA (or other countries’) citizens.
In other words, if you put the Patriot Act, the FISA laws, the FREEDOM Act and the CLOUD legislation together, it ends up with privacy “lost in the FOG”.
All of this is without the recent revelation by Edward Snowden that certain agencies of the United States can intercept packets of data that may be traveling from New York to San Francisco but (because of the way that the Internet works) could go outside of USA borders and be “tapped” at that point.
We talk about the “slippery slope”….there is nothing more slippery than layers of laws that chip away at privacy laws.
Therefore it is best to use cloud structure where you have control. Control of where your data is stored and control of who is storing your data. Control of where your processing is done. Control of where your Internet packets are traveling.
Subutai™ Open Source Peer-to-Peer Cloud software gives you that control. You can set up your peers to hold your data in your country under your laws and access it on systems under your own legal system.
It pains me to have to talk about my own country this way, but as Benjamin Franklin once said: “Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety.”
Take back your privacy. Take back the cloud.
# # #
Read OptDyn CTO and Founder Alex Karasulu’s post “What is the problem with the CLOUD Act, and how Subutai is the answer …”