Does Every Cloud Have a Silver Lining?

TL;DR: Thunderstorms occur when divergent forces collide in clouds. It is becoming increasingly clear that cloud computing is in our extended forecast, but whether the imminent digital due process storm the cloud foreshadows will contain a silver privacy lining remains to be seen.

❗ Heads up! This post is archived and here for historical purposes. It may no longer be accurate or reflect my views. Proceed at your own risk.

2 minute read

Today’s New York Times article outlining law enforcement officials’ attempts to expand their digital wiretapping authority, offers interesting insight into the law enforcement world of tomorrow. In the not too distant future, TV’s crime-process dramas may take on a very different feel. Gone will be the days of gun-toting detectives busting down doors, search warrant in hand. Instead, as our lives become increasingly digital, investigations will be conducted by keyboard-wielding lab techs submitting automated requests to service providers. Don’t be surprised if the next CSI spin-off is CSI: Inbox Inspectors Division.

But why does this shift matter? Simply put, in the cloud, there is no door for the police to kick in. While the law is clear in that your physical files and those computer files stored on your computer itself enjoy the protections of the fourth amendment, those stored in the cloud do not, and the standards of proof required differ dramatically.¹

Consider this: you are the target of a criminal investigation and the police believe that six months ago you e-mailed an accomplice to discuss the crime. Depending on your email settings and which service you use (for example, if the “leave downloaded messages on server” option is checked), the police may need only offer “specific and articulable facts” that they suspect the email is related to the crime.² That same email stored on your computer (for example, if the setting is not checked), would require a search warrant and showing of probable cause, and thus would be afforded significantly greater protections under the law.³

However, the typical “if you don’t want it public, don’t put it on the internet” argument doesn’t apply here. While that may be true for photos and updates posted to social networking sites, as more and more of our lives (and commercial dealings) are pushed to the cloud, we’re losing our abilities to have a digital private sphere.⁴

The good news is that it’s in service providers’ interest to instill confidence in the integrity of your data by disclosing when information is shared with authorities and by pushing for legal reform to better safeguard personal data stored in the cloud. The bad news, beyond more painfully tacky computer search scenes, is that before we know it, our perception of privacy may be forced to evolve.

Thunderstorms occur when divergent forces collide in clouds. It is becoming increasingly clear that cloud computing is in our extended forecast, but whether the imminent digital due process storm the cloud foreshadows will contain a silver privacy lining remains to be seen.

Photo credit: garyhayes

1. Compare Fed. R. Crim. P. 41(e)(2)(B) with 18 U.S.C.A. § 2703(d) (West). ↩

2. 18 U.S.C.A. § 2703(d) (West). ↩

3. See generally Obtaining Electronic Evidence, Federal Law Enforcement Training Center (July 2003). ↩

4. Take Google, as an example, who, to their credit, is a front-runner in the push toward digital due process, testifying on the Hill just last week. Without signing up for a Google account, through the use of cookies, Google can compile a relatively accurate profile of what sites you visit and how often you visit them, what products you purchase, and where you go. And if you sign-up for a near-ubiquitous Google account, you introduce the cloud to what others are saying about you, what you read, files stored on your computer, and even your medical history, not to mention with whom you communicate, what you’re doing, and where you are right now. ↩

Originally published October 10, 2010 | View revision history

If you enjoyed this post, you might also enjoy:

• Why open source
• Will Federal Contracting Officers Soon Have Their Heads in the Clouds?
• 19 reasons why technologists don't want to work at your government agency
• Twelve tips for growing communities around your open source project
• Four characteristics of modern collaboration tools
• Why everything should have a URL
• Five best practices in open source: external engagement
• How I over-engineered my home network for privacy and security
• How I re-over-engineered my home network for privacy and security
• Why WordPress
• 15 rules for communicating at GitHub

Ben Balter is the Director of Engineering Operations and Culture at GitHub, the world’s largest software development platform. Previously, as Chief of Staff for Security, he managed the office of the Chief Security Officer, improving overall business effectiveness of the Security organization through portfolio management, strategy, planning, culture, and values. As a Staff Technical Program manager for Enterprise and Compliance, Ben managed GitHub’s on-premises and SaaS enterprise offerings, and as the Senior Product Manager overseeing the platform’s Trust and Safety efforts, Ben shipped more than 500 features in support of community management, privacy, compliance, content moderation, product security, platform health, and open source workflows to ensure the GitHub community and platform remained safe, secure, and welcoming for all software developers. Before joining GitHub’s Product team, Ben served as GitHub’s Government Evangelist, leading the efforts to encourage more than 2,000 government organizations across 75 countries to adopt open source philosophies for code, data, and policy development. More about the author →

This page is open source. Please help improve it.

Edit