Slashdot Mirror

← Back to Stories (view on slashdot.org)

Patriot Act Dampening Cloud Computing?

Posted by kdawson on from the hey-you-get-offa-my-cloud dept.

Julie188 writes "Governments are turning the Internet into a cyberspace reflection of real-world geographic conflicts. One report says that the Canadian government is forbidding its IT organizations to use services that store or host the government's data outside their sovereign territory. They especially cannot use services where the data is stored in the United States because of fears over the Patriot Act. What kinds of jurisdiction issues might people face — think Google cooperating with the Chinese government — as cloud computing becomes the norm and your data is stored in 'offshore parts' of the cloud?"

10 of 148 comments (clear)

  1. Re:Can't you just encrypt it? by Ephemeriis · · Score: 2, Informative

    Can't you just encrypt it? Or is strong encryption some how not in keeping with the cloud computing metaphor? Depending on what you're doing with the cloud, no, you might not be able to encrypt it.

    If you're looking at something like simple file storage then you could certainly encrypt your data. Encrypt it on your machine...upload it for storage...download it when you need it...decrypt it again on your machine. That's fine.

    But if you're looking to use somebody else's CPU cycles that doesn't work so well. Your data has to be in some kind of executable state as it passes through their CPU. Even if the data is transmitted to and from their server in an encrypted state, it has to be decrypted for processing. And when that happens, that CPU better be very trustworthy.

    You're already running in some kid of virtualized/time-shared environment... If they have physical access to the machine your code is running on, and your data at some point becomes cleartext for processing, then they've got access to your data anyway.
    --
    "Work is the curse of the drinking classes." -Oscar Wilde
  2. Not just canada. by sjwest · · Score: 2, Informative

    http://news.bbc.co.uk/1/hi/uk_politics/7231186.stm Has this issue. Trustworthy and patriotic - something loses in that war.

  3. Re:Point being? by ozonepriest · · Score: 2, Informative

    Funny you mention Lockheed Martin: they're one of the companies we have a problem with. See this wikipedia article and search for "Lockheed."

  4. Re: Good Government by Opportunist · · Score: 3, Informative

    There are two extremes. One is "winner takes all", which invariably leads to a (mostly) two party system, with little hope for a third party to rise to importance. The other one is "let everyone in who gets a vote", a system Italy had for a long time, leading to dozens of minuscle parties holding a seat or two, with coalitions between so many parties that governments fall apart, on average, after a year (that's pretty much Italy's average).

    Either system is, in my opinion, doomed to be dissatisfying for the voter. The former because if the parties are too similar (as they are now, to an outsider's view), there is no real choice. The latter because you just know it doesn't matter how you vote, they won't get anything done anyway because no idea gets a majority.

    Most European countries today have a minimum limit to get a seat in the parlament. You need at least 4-7% (varying between countries) to have a seat. Usually, gaining that much support already gives you a few seats right away. And while 4% doesn't sound like a lot, it pretty much means that the average European parlament contains about 4-6 parties.

    This usually (if not almost always) leads to coalition governments. Which has its advantages (radical changes in policies are nearly unheard of) and of course disadvantages. Today, the disadvantages start to show a lot more than they did in the past, it seems our parties are too concerned to show "weakness" to cooperate anymore. More than one country has a coalition today that can't get anything sensibly done because the coalition partners are unwilling or unable to agree on compromises, because they fear their voters will feel they "lost their line" and "gave in".

    --
    We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
  5. Very true by Mr_Icon · · Score: 3, Informative

    I work at a large Canadian university and we're expressly forbidden from storing *any* student-related information, no matter how insignificant, on non-Canadian servers. This doesn't just include things like gmail, but also various payment processing services, online storage providers (think Amazon's S3), and even things like Google Analytics. The latter is so ubiquitous, I'm not sure we're succeeding in extricating it from university-owned websites, and each time we have to explain to people why sending sensitive information about our users' browsing habits to the US is not a good idea.

    I don't think this policy has much to do with the Patriot Act, though I'm sure it acted as a catalyst. We'd probably not store any data in Netherlands either. If you're an institution that has to worry about compliance with various national privacy laws, it makes sense to store all information either within the organization, or at least within the same country.

    --
    If you open yourself to the foo, You and foo become one.
  6. Re:I said it before, I say it again by iago-vL · · Score: 5, Informative

    That's exactly correct. I work for the security department of a Canadian government, and we've decreed that no data can be stored on American servers, sensitive or otherwise.

    --
    http://www.skullsecurity.org/blog/
  7. Re:Governments and outsourcing? by Anonymous Coward · · Score: 1, Informative

    Your ignorance worries me.

    From Google itself: HIPAA does not apply to the transmission of health information by Google to any third party.

  8. Re:Patriot Act Aside ... by pjt33 · · Score: 2, Informative

    Nonsense.

  9. Re:I said it before, I say it again by kent_eh · · Score: 2, Informative

    Combine that with the requirements of the Privacy Act and the government's policy is a no-brainer.

    --

    ---
    "I can't complain, but sometimes still do..." Joe Walsh
  10. Re:encryption by CrimsonAvenger · · Score: 2, Informative

    Have you ever? First, it's usually as good as pleading guilty in the eyes of a jury. Yeah, they may not use it, yaddayadda, sure. I sure want to see someone go free after taking the fifth when facing a jury.

    Have I ever? Of course not. You have to be caught to go in front of a Jury. Of course, this isn't something that goes to a Jury, in any case. The cops (feds) ask the question, you say "I want to speak to my lawyer", interview with the cops ends.

    Later, someone else may bring you a Search Warrant for the key. If the Warrant accurately describes the location, you have to let them look to their heart's content. If they don't find it, that's THEIR problem, not your problem. If they drag you in front of a Judge, you take the Fifth, the Judge maybe jails you for contempt, but there's more than enough caselaw to get you out of there as soon as your Lawyer can fill out the forms.

    Then comes the countersuits, of course.

    And second, I doubt it works when the Patriot Act comes into play.

    Yes, it does. USA Patriot Act doesn't override the Constitution. It may take taking the case to the Supremes, but the Constitution always wins in the end.

    Note, by the way, that non-citizens don't necessarily have the same Rights as citizens. They don't necessarily NOT have those Rights, either. That's what Lawyers are for.

    --

    "I do not agree with what you say, but I will defend to the death your right to say it"