techcloud.com: a blog about web 2.0, search, cloud, collaboration, Ruby on Rails, Microsoft, Google, and other fun stuff

In a world run by lawyers, wither the cloud?

It always cracks me up when I read what companies will and won’t do because of their legal team.   We all know that IP and privacy law is immensely important, but I think we lose sight of the big picture when we presume that innovation can be stunted by legalese.

Case in point, Mike Vizard from IT Business Edge writes that the “Patriot Act May Hamper Cloud Adoption“:

But when it comes to actual corporate data, Massaro is betting that no matter what the economics are, corporate legal departments are going to direct their corporate officers to steer clear of any service that eliminates their ability to keep potential damaging information out of the hands of Federal prosecutors without so much as the nicety of being told what the government might actually be looking for.

The author also assumes that these sorts of National Security Letters are equivalent to someone sneaking in your backdoor, taking a sip of your milk from your kitchen, and not even leaving a thank you note.  However, the NSL’s have been explicity prevented from maintain a gag order, so all a service provider needs to do is notify you of the letter in question and you have the same effective protection as you would if your data was under your mattress.

This would be concerning if it made a difference if your data was on the cloud or not.  What company is going to be able to keep their data from the Federal government under subpoana or other legal device?  I’m not a lawyer, but if I played one on TV I’d take a look at this gem from AIG:

“More love notes from Elias,” Cassano wrote to his subordinates as he forwarded another set of Habayeb questions. “Please go through the same drill of drafting answers . . .”

The Cassano-Habayeb correspondence, along with thousands of other e-mails obtained by The Washington Post, as well as supporting interviews, reveal a company wracked by more division, doubt and turmoil than anyone on the outside realized during those tense months in 2007, a full year before the federal government undertook one of the largest corporate bailouts in U.S. history to prevent AIG’s collapse.

Whoa. I’m reading AIG’s emails. But, I’m pretty sure they weren’t “on the cloud.” How on earth did the Washington Post get these emails if they weren’t on the cloud??

Major cloud utility providers need to continue to publish transparent policies that address specific concerns like this.   However, the reality is that there are a dozen ways for the government, reporters, employees, hackers, and other malicious or benign agents to peruse and expose your data.   The cloud doesn’t guarantee security, but the alternatives also do not.  And as much as I love a good lawyer, they sadly can’t prevent de facto data leakage either.   Only diligence, a sound security policy, and the right mix of vendors, services, and products, can give you the peace of mind that you are doing everything you can to protect your company information.

Share and Enjoy:
  • Digg
  • del.icio.us
  • Facebook
  • Google Bookmarks
  • LinkedIn
  • email
This entry was written by Ed Laczynski and posted on December 30, 2009 at 10:45 am and filed under cloud. Bookmark the permalink. Follow any comments here with the RSS feed for this post. Post a comment or leave a trackback: Trackback URL.

Post a Comment

Your email is never published nor shared. Required fields are marked *

*
*

TechCloud is Digg proof thanks to caching by WP Super Cache

ss_blog_claim=77c0780e64c123f107896646c0ee8870