(New Update: Privacy proposal targets cloud computing concerns.)As tech companies rush to make their services available in the cloud, one particularly notable member of the tech elite isn’t so sure about the current cloud computing craze. Speaking to a Washington audience after a performance of “The Agony and the Ecstasy of Steve Jobs”—the monologue of the controversial Mike Daisey—Apple co-founder Steve Wozniak expressed his concern about the increasingly popular trend.
“I really worry about everything going to the cloud,” Wozniak warned. “I think it’s going to be horrendous. I think there are going to be a lot of horrible problems in the next five years.”
What’s Wrong With Cloud Computing, Steve?
Elaborating on his statement, the Apple co-founder highlighted the proprietary ambiguity associated with cloud computing.
“With the cloud, you don’t own anything,” Wozniak observed. “You already signed it away.”
“I want to feel that I own things,” the Apple co-founder continued. “A lot of people feel, ‘Oh, everything is really on my computer,’ but I say the more we transfer everything onto the web, onto the cloud, the less we’re going to have control over it.”
Wozniak’s feelings about computing in the cloud aren’t the first of their kind. Once cloud computing services began springing up for consumer use, concerns over the ownership, as well as the privacy, of user data quickly followed—and for good reason, especially given the considerable gains that stand to be made by cloud service providers.
However, given the benefits that cloud computing offers to users, it is difficult to think that Wozniak’s prediction will prove to be a practical deterrent against this massive migration—by consumers and businesses alike—into the cloud. That said, ensuring that this valid concern remains part of the dialogue throughout this transition may well put the necessary pressure on cloud service providers to make user agreements line up with these reasonable expectations on ownership and privacy rights.
If not, the issue will probably find itself in the same forum where most disputes of this nature are resolved: a courtroom.
UPDATE: Privacy Law Would Require Warrants to Obtain Cloud Data
…Or on the House floor, apparently.
According to a new report from Wired, a pair of democratic congressmen has proposed a measure that would significantly amend the increasingly dated Electronic Communication Privacy Act, or ECPA. Given the general stagnancy of the ECPA since being signed into law by the Reagan administration back in 1986, this latest attempt to modernize this law could not be more imperative than it is now.
“Communications technology is evolving at an exponential rate and, as such requires corresponding updates to our privacy laws,” observes Rep. Jerrold Nadler, who, along with colleague Rep. John Conyers Jr., is sponsoring the proposal. “This new legislation will ensure that ECPA strikes the right balance between the interests and needs of law enforcement and the privacy interests of the American people.”
To demonstrate just how behind the times the ECPA is, the law was passed during the CompuServe era, before the days of Google, Dropbox, Facebook and Twitter. Back then, obtaining a warrant was seen as unnecessary for information kept on servers for more than 180 days—the point at which such information was reasonably considered abandoned.
“But technology has evolved, and e-mail often remains stored on cloud servers indefinitely, in gigabytes upon gigabytes—meaning the authorities may access it without warrants if it’s older than six months,” writes Wired’s David Kravets.
Clearly, this was not the purpose of the ECPA’s warrant exception when it was passed into law, making the Nadler-Conyers bill a necessary one to say the least. To be sure, the proposal—whose chances of passage are likely steep in light of past attempts to modernize the ECPA—would address the act’s current shortfalls with the following changes (as posted on Rep. Nadler’s House member page):
· Provide a uniform standard and set notice rules when the government accesses the contents of communications;
· Amend the law to provide the same statutory suppression remedies for electronic communications as are currently provided for wire and oral communication surveillance. Currently, an aggrieved person can suppress wire or oral surveillance, but not electronic.
· Add new – and, in some instances, modify existing – reporting requirements to ensure that Congress has sufficient information for effective oversight and possible future reforms.
God knows such an update would be long overdue, especially in light of the concerns expressed by Wozniak (see above); however, whether it will survive, or even receive, a committee hearing is an entirely different matter.