Law in the Internet Society

The Cloud

-- By JoshFoster - 19 Jan 2010

Cloud 9

Cloud Computing seems like a decent idea on paper. Remote access, less concern regarding physical storage, and ability to easily collaborate make this service seem attractive. Further, every conceivable service is available at one’s fingertips, so long as the proper fee is paid. No install worries, no real concern regarding hardware compatibility, and no need to wonder if one’s software is up to date. Cloud computing is, at its core, remote software services provided to users (usually for a fee). The software does not reside on the user’s computer, and often storage need not reside there either. All the user needs is an OS and the hardware to run that. A number of providers have stepped forward, and some companies are even offering remote access to clients’ work computers from anywhere. While the accessibility is laudable, this endeavor is not such a good idea after all.

Storm Brewing

Despite its seeming advantages Cloud computing would have a number of rather insidious drawbacks. The first would be the subscription requirement. In order to access data or run programs, the monthly fee would have to be paid. Microsoft introduced a similar scheme with their Zune service. For around $15 a month a user could have unfettered access to Microsoft’s music library and download all the music desired. Of course the moment the $15 was no longer being paid all access rights dry up and the downloads became useless. This lead Jerry Holkins and Mike Krahulik to observe in comedic fashion that the service basically costs “infinity dollars.” Such will it be with Cloud Computing. Monthly fees for data access seem fair until one realizes that 1 Terabyte of data storage costs roughly $86. And that is for an external drive. An internal drive would take $15 off the price. Though this does not really apply to the remote workstation access services, it certainly applies to the core idea of cloud computing, that all software and storage be remote. An individual paying this subscription fee would likely have to pay it forever, unless he or she wanted to abandon all data built up on the service. This allows for a sort of captive audience effect. If Google, or any other cloud service provider wants to perform a rate hike, users will have a greatly diminished ability to walk away. Changing service providers does not allow transfer of data. Basically it allows for a data hostage situation.


Further, even beyond the data held hostage there are huge privacy concerns with Cloud Computing. Google’s pullout of China was, to a large extent, a result of human rights activists’ Gmail accounts being hacked. If all one’s data is out in the Cloud, then theoretically it’s potentially visible to everyone on the internet. Further, program access and usage will certainly be monitored by the service provider, and even if an account is not hacked, the service provider will have access to all the information. It seems odd that people would be comfortable sharing every single thing they do on their computers with complete strangers. Of course given Facebook it is hardly surprising. This problem is exacerbated in legal or medical communities. Though inter-hospital networks may have their own problems, medical data can at least be stored on-site by the hospital, as opposed to Google or Microsoft employees having access. So too is it with legal documents, which can be just as if not more sensitive. Neither type of data has any business being on a cloud network. If, however, data that must be secure cannot be trusted in the cloud, why trust any data? While some may claim that the distributed nature and fact that service providers can devote more resources to security means that data would be more secure, but the fact remains that anything open to access on the internet at large is at risk, and cloud computing data is always open in that way. Remote access systems can be particularly bad, with regards to this, as all data on the physical computer is now available for viewing anywhere, and to some extent, by anyone.

Given that employees of the service provider may have access to the data, privilege and confidentiality may be waived where applicable in using these services. This should be a real concern for companies that would use these services. If an entire enterprise has its data on such a service, is there any confidentiality whatsoever? Further, could the service provider itself be subpoenaed to provide data thought to be privileged or confidential. Given the above concerns, there is no real confidentiality with these systems, and thus privilege and confidentiality may be deemed waived, especially since a third party is in control of the data. Even if the courts do not find it so clear cut, the fact a third party controls all sensitive data is not a situation any company should desire.

Flash of Lightning

Cloud computing also cannot deal well with data loss. Several months ago, for instance, a technically glitch at Microsoft caused massive data loss for T-Mobile cellphone users. There is no reason that any other network is more secure. Traditional HDDs can suffer failure, too; however RAID arrays can make recovery much easier, and such failures would generally be limited to one machine. In the above instance the data for thousands of users was lost with one glitch. Even Cloud services used solely for backupping suffer from this drawback. Again this makes such schemes particularly ill suited for medical or legal usage. The above noted malicious access could also allow for deleting of data. Thus hardware failure is not the only issue that could bring about data loss.

Thus Begins the Downpour

Cloud Computing is rife with problems, both in data security and storage. The pricing scheme will tether a company to the service essentially forever, and the benefits are negligible at best. Further, from a legal standpoint, it may completely negate privilege and confidentiality. The Cloud is to be avoided.

# * Set ALLOWTOPICVIEW = TWikiAdminGroup, JoshFoster

Note: TWiki has strict formatting rules. Make sure you preserve the three spaces, asterisk, and extra space at the beginning of that line. If you wish to give access to any other users simply add them to the comma separated list


Webs Webs

r1 - 20 Jan 2010 - 00:07:31 - JoshFoster
This site is powered by the TWiki collaboration platform.
All material on this collaboration platform is the property of the contributing authors.
All material marked as authored by Eben Moglen is available under the license terms CC-BY-SA version 4.
Syndicate this site RSSATOM