Cloud computing is the future, and it may be here sooner than we think. This past June, Google rolled out the Chromebook, its cloud computing clients pre-installed with ChromeOS. The idea is simple: almost everything we can do on our PCs locally, we could also be doing on the internet; on someone else’s computer. Why not strip away all of the excess, and let our computers be small, sexy, and sleek while the heavy lifting is done on “the cloud”?
We could start with the fact that well-acquainted internet doomsayer Jonathan Zittrain would blow a gasket over the loss of generativity, as outlined in Chapter X in his “The Future of the Internet”, where X stands for any chapter number in his book. The minute we start letting someone else tell us what we can and cannot do with our computers, we begin to stifle the very innovation that created the Internet as we know it a.k.a. the best thing evar. Is he right? Who knows. This topic has been in beaten to death this course anyway. There are other relevant issues at hand, such as privacy, and I’d like to examine some of the relevant laws and legal questions associated with cloud computing before we plunge headfirst into the future.
This is the Big Issue. The 4th amendment protects us from “unreasonable searches and seizures”. If we recall from Katz v. United States, one component of what constitutes an unreasonable search is whether or not one has a reasonable expectation of privacy. Should I have a reasonable expectation of privacy with my data on the cloud because a Zoho spreadsheet functions just like the excel one on my personal hard drive, or because I’m hosting it on the internet can I not possibly expect privacy? Enter the Stored Communications Acts, part of the 1986 Electronic Communications Privacy Act.
The SCA protects users from warrentless invasions of privacy, or, at least it did in 1986. The SCA stems from a time before the cloud when server space was more expensive, and when all e-mails were downloaded off of the server and onto your hard drive. As such, the SCA made a distinction between e-mails that were less than 180 days old, and e-mails older than this. An e-mail on the server for 180, it was thought, was thought to be abandoned, and someone could not reasonably expect privacy of their abandoned e-mails. Thus, the government can, under the SCA, freely demand anything off the cloud that older than 180 days. Makes sense 25 years later with cloud computer, when the cloud has replaced users local hard drives, and people use 3rd-party servers for longterm storage of their data, right? Didn’t think so. The good news is, this has been challenged legally, and at least one district court has called the SCA unconstitutional in Warshak v United States. The bad news is, the SCA isn’t the only relevant law at stake…
Enter the PATRIOT Act, a new government doctrine which says, in summary, that government can, with regards to getting information, basically do whatever it wants, whenever it wants, regardless of where the the information is stored. That means anything on any cloud is fair game for the government’s eyes. In fact, under the PATRIOT Act, somehow, the US government can get information off a server stored in Europe without a warrant or consent. Whoa. It’s already stopped one major defense firm in the UK, BAE, from adopting Microsoft’s Cloud 365 service, because they are afraid of the US government stealing state secrets off of the cloud, which is something that could happen under the PATRIOT act. Privacy being basically a notion of the past with this law, let’s move on to other legal issues.
The future of cloud computing is dependent on strong network neutrality laws that are not yet in place. If you are relying on the internet to provide functionality for you computer, and the internet becomes restricted, so does the functionality of your computer. For example, imagine that your ISP begins to put out a web productivity suite designed for use on the cloud. Should they choose to prioritize or filter data away from competitors on your Chromebook, not only does your ISP limit what you can do on the internet, they are now limiting the basic functionality of your computer. The idea that you are free to hack a device that you own to make it do whatever you want doesn’t really apply when the functionality of your product requires the ongoing participation of your ISP.
As we know, jurisdiction already makes things legally thorny on the internet. At any given time, you could be accessing data owned Australians hosted on Russian servers from your laptop in America, and it wouldn’t be uncommon. Right now, however, if an French website gets taken down for violating French laws, it might be upsetting to you if you like to visit that website. However, if your French cloud computing service, where you hold all of your data, gets taken down for violating French laws, it could mean the loss of all of your data. You may be bound by local laws with regards to what data you could be allowed to store on your cloud, effectively limiting what kind of data documents you can have. For instance, while in America the first amendment gives you every right to deny the Holocaust, you may not be able to store your papers saying so on cloud services in Germany. In fact, the a paper you had been writing, editing, and storing on a German cloud, could suddenly vanish, and you’d have no way of getting it back. Scary.
The Internet is a complicated landscape legally. Cloud computing has many advantages, like making your data more portable, and allowing your computers to be more powerful. While Google would have you believe that using GoogleDocs is just like using Microsoft Word on your computer, and it may feel that way on the surface, legally the two are worlds apart.
In an interview two years ago, CEO Eric Schmidt was asked the question “People are treating Google like their most trusted friend. Should they be?”. His response? “If you have something that you don’t want anyone to know, maybe you shouldn’t be doing it in the first place.” Using cloud computing involves not only entering a complicated legal framework, but trusting your 3rd party cloud source, perhaps the way that Hoffa trusted Partin. For the time being, I don’t use GMail, and my programs, e-mail and data are on my personal hard drive. I don’t see that changing any time soon.