Personal data? Why there's no such thing any more

Opinion Davey Winder Feb 8, 2013

News that the US government can access private files has British users uneasy but they should be aware the era of private data has long gone

Channel 5's Big Brother show uses the cloud (courtesy of the Claranet Virtual Datacentre) in order to deal with viewer interactivity traffic spikes during key events such as evictions, which can see traffic increase by as much as 1000 percent.

Depending upon your personal viewpoint of this kind of mind-numbing reality TV experience, it could be argued that this is a good use of the cloud. However, newly-published research from Lieberman Software suggests that Big Brother, in the shape of government snooping and intervention, could be preventing 50 percent of companies from adopting cloud technology when it comes to the storage of sensitive data.

The survey studied the attitude of IT professionals attending the Cloud Security Alliance Congress (of which 70 percent were from companies with more than 1,000 employees and 50 percent more than 5,000) towards storing data in the cloud. Apparently, some 48 percent of them were worried enough about the potential for government interference that it deterred them from migrating to a cloud environment at all.

Big Brother could be preventing 50 percent of companies from adopting cloud

It's easy to respond by stating that these people are just a little bit paranoid, ignorant and out of touch with reality. However, as I understand it, and according to a Big Brother Watch analysis, a European Commission report has shown that the 'Foreign Intelligence Surveillance Act Amendment Act' (FISAAA) provides the US authorities with legal powers to view data in the cloud without a warrant as long as the cloud provider company is based in the US.

So, maybe they have a point on the whole government snooping perspective. This is nothing new, of course, but it is proving to be a cause for concern amongst MPs who are opposed to the British Government moving data into the so-called 'G-Cloud' which I find rather amusing. Big Brother UK, it seems, is scared that Big Brother US may be able to spy upon it.

Interestingly, the research also revealed that 88 percent of those asked reckoned there was a chance that data hosted in the cloud could be lost, corrupted or accessed by 'unauthorised individuals'. And 86 percent simply "do not trust the cloud" when it comes to storing the most sensitive data, full stop. In fact, of those IT professionals surveyed, and remember these were people interested enough in the cloud to be attending a pretty full-on cloud conference, a slim majority (51 percent) but a majority none-the-less didn't trust the cloud for any personal data outside of the corporate sphere.

For me these reveal the real problem facing cloud adoption: a mistrust caused by a misunderstanding of cloud security issues. Yes, those 88 percent are probably right that there's 'a chance' that data will get lost, corrupted or accessed by unauthorised people in cloud, just exactly as there is 'a chance' that the same will happen in the datacentre or local corporate network environment.

It's all a bit Chicken Little, don't you think, to be running around shouting that the cloud is (potentially) insecure without first examining how you could make your data as secure within it as any other storage environment? I fear that the situation is unlikely to change when the very people who are tasked with researching the potential to migrate to a corporate cloud environment are so scared of the notion that they wouldn't use it to store their own data.

Philip Lieberman, president and CEO of Lieberman Software, thinks the key issues here are "around Government surveillance, cloud legislation and data security" suggesting that "IT managers do not want governments snooping around in their corporate data. If a government or official body wanted to see what data a company was holding in the cloud, the cloud host involved would be legally obliged to provide them with access. This means there is very limited privacy in cloud environments".

Indeed, Lieberman concludes that IT managers are well aware that it is easier to 'hide' data within their own private networks and thus keep it off the Big Brother radar.

Davey Winder

daveywinder (2).jpg

Davey Winder has been covering the IT security beat for the last 20 years. Along the way he has won the 'Information Security Journalist of the Year' title no less than three times, and in 2011 was bestowed with the Enigma award for his lifelong contribution to information security journalism.