DRM News

Cloud Computing : Convenience & Privacy Concerns

January 6th, 2010

Cliff Riseborough

So, I guess I get to be the one starting this whole project off. Um…yay?

While the main focus of this site is going to be concerned with DRM issues, we are also going to branch out and cover other technology-related topics as well, just like this one.

Cloud computing. You’ve probably heard of it, and chances are you’ve actually done it (though you may not realize it). First off, let’s cover what it is.

That image (which I’ve taken from here) gives a pretty good idea of what the concept actually consists of. Basically, a multitude of services and devices all drawing from a central ‘cloud’ (also known as ‘The Internet’). Still sounds like something futuristic, something you’ve never utilized? Think again.

Have you ever used one of Google’s many applications…Google Docs, or Google Maps? How about Twitter or MySpace or any of the other social networking software that’s out there? IM programs like Windows Live Messenger or AIM? Steam uses cloud technology to store users’ key bindings and saved games in a central location. Microsoft has used cloud technology in its line of Windows Live applications on Windows 7. Any time you use a software application that allows access from multiple locations, you’re using a cloud app. Heck, you could make the case that email is the most basic of cloud applications.

Okay, so you use them…what does that mean? After all, these programs are convenient, they’re easy to use, they allow you to access your games or email or documents or whatever else from anywhere. Isn’t that a good thing? Of course it is…so long as you realize that there can be drawbacks.

The single biggest concern is that of the privacy rights of the user. A couple of years ago, Google launched a mobile version of Google Maps, letting cell phone and PDA users access the maps from their portable devices. Incredibly handy. However, as the New York Times discovered, Google was gaining a lot of their information on where a user was by logging location tracking data whenever someone used any Google application from their portable device. All of that info was stored on central servers, and it’s more than likely still there. If you were logged in to your Google account last year when you launched a search for where to find the closes Chinese restaurant in New York, that data is still saved on their central server network.

This is one small example of a potential issue…all of the data stored on these ‘clouds’ is actually stored on servers beyond the control of the user. This isn’t necessarily something bad, but when it comes to things like financial information and other sensitive documents, it probably doesn’t represent the sort of data that most people want spread around.

As reported in an article on ars technica today, the Federal Trade Commission (FTC) is speaking up about cloud applications.

Such issues have raised concerns at the Federal Trade Commission (FTC), especially since many consumers aren’t really aware of the data security issues raised by storing information on remote servers. “For example, the ability of cloud computing services to collect and centrally store increasing amounts of consumer data, combined with the ease with which such centrally stored data may be shared with others, create a risk that larger amounts of data may be used by entities in ways not originally intended or understood by consumers,” said the FTC in a letter this week.

Already, many employers are launching online searches of their prospective employees, and they aren’t sticking with a simple Google or Yahoo or Bing search. They’re actively checking out your blog, your Facebook page and your Twitter feed. They’re reading your posts and looking at your history, and that’s all part of their determination of whether or not you would make for the sort of employee that they want to hire on. Spammers also look through this sort of information and use any discovered messaging account names or email addresses they find to try and drum up business (I myself once had someone message me on Skype looking for writing work. I had never met this person or interacted with them in any way prior to this. The only way that I can determine that they knew my Skype name was that I had it visible on a forum at the time). And of course, there are various ‘unsavoury’ types who are constantly looking for back door access to financial or governmental records anywhere they can find them.

Returning to the article :

That letter was directed at the Federal Communications Commission (FCC), which is currently drawing up a national broadband plan that will be submitted to Congress next month. In advance of the plan’s release, the FTC wants to make sure that the FCC “considers technologies such as cloud computing and identity management in implementing a national broadband plan.”

That means publicly recognizing the FTC’s growing expertise on issues on online privacy and data security. “Accordingly, we recommend that the Broadband Plan recognize the FTC’s law enforcement, consumer education, and ongoing policy development efforts in light of its years of experience in online, and offline, consumer protection,” concludes the letter.

The FTC is in the middle of a set of hearings on these issues; the next one takes place on January 28.

Now, clearly part of what is driving the FTC in this manner is jurisdiction. They want to maintain control over enforcement of online issues, and they want that put in writing by the FCC. However, as I’ve pointed out, there certainly are reasons to want enforcement of things like privacy rights.

Look, am I saying everyone should unplug from the Internet and cower in the corner? No. I use a lot of these applications myself. Steam, Impulse, multiple IM clients, Skype, Google Docs, Google Reader, Twitter…all of those have a home on my computer. I’m writing this up in Windows Live Writer. I have a blog that I sometimes even write content for. All that I’m saying is that people need to be conscious of the fact that being 100% open online makes about as much sense as being 100% open in ‘the real world’. You wouldn’t leave your house unlocked 24 hours a day, and by the same token you shouldn’t throw personal information that you really consider important out there for anyone to find, either.