Following on from my last Blog, โ€œData storage in and outside the UKโ€, I thought that I would contribute an update on this topic.

For the benefit of those who didnโ€™t read the last white paper, well in summary it contained risks associated with outsourcing data storage and the data protection act (DPA).

So, on with the update.

In November I read a very embarrassing article (for Microsoft) and I must admit, for the first time I had some sympathy for the software giant even though most resellers of their technology wouldnโ€™t agree with me of late (for obvious reasons). Back in June of this year poor old Gordon Frazer (use the term loosely), MD of Microsoft UK, announced to a room full of journalists that he could not guarantee that data stored in Microsoftโ€™s European datacentres would not end up in the hands of the US government.

Now, imagine the scene, he is announcing the highly publicised โ€œMicrosoft Office 365โ€ product (at its launch) in London. The press had a field day and what came next was an onslaught of criticism from all sides of the room.

So why would โ€œpoor oldโ€ Gordon say this I hear you ask? Well since the September the 11th attacks on the World Trade Centre (and the Pentagon), a new US Government act came into play โ€“ SEC 215, ACCESS TO RECORDS AND OTHER ITEMS UNDER THE FOREIGN INTELLIGENCE SURVEILLANCE ACT.

So, what does this mean? Well simply put it allows the FBI to obtain ANY data from European companies that have their data stored in US-owned datacentres, even if the datacentres are based in Europe. If this wasnโ€™t serious enough, the datacentre in question would be under a gagging order not to mention this to the individuals under suspicion.

Now in most circumstances people such as you and I would not be worried about this prospect and live safe with the fact that the nasty terrorists are being observed (which I 100% believe in), however itโ€™s the speculative reasons that I am not overly happy about and let me explain why.

The above Government act (also known as the Patriot Act) is supposed to be linked to terrorism, however we will not know how itโ€™s being used. In fact you never will and if you object to your data having the ability to be in the hands of the US Government, you yourself will automatically come under scrutiny for being a terrorist by not cooperating, see the dilemma?

Just to raise another eyebrow, how about this. When Microsoft was asked to comment on this they declined. When HP and Amazon were asked, they didnโ€™t even respond and Dell and Salesforce suggested that they didnโ€™t have a spokesperson to available! Interesting hey? So, it comes back to my first paper on where you should store your data, within the country you reside in. Unfortunately this statement is now not good enough to protect the security of your IP (intellectual property), now it goes one level deeper โ€“ Is the datacentre US owned? Sound crazy? Then you would be thinking like me and expect a visit from the FBI for being uncooperative. Seriously though, this has big ramifications to the online hosting market place and data security.

Imagine what data could be accessed without your knowledge? Financial data, Health records, IP that you have been working on, pictures of the ex-wife, well maybe thatโ€™s a bit too far but you get the point.

Many UK based companies are now considering this topic seriously and the fact that this is not commonly known and there is very little, if any, publicity on this issue makes me think. Cloud Computing is a complex subject as it is with its own questions surrounding the variants of technology. This together with the topics of data sensitivity and security, it could โ€œCloudโ€(pardon the pun) the issue even more and potentially steer people away from the technology.

What do I think? Well I can see a move to a more local approach to data storage. I am a patriot of this country called Great Britain and wherever possible adopt and suggest this approach, this topic is just another reason for justifying it, one that I am sure that the UK government would agree with me on (G-Cloud).

For a more in-depth feature on this topic, please read the November issue of Computing (Nov 3rd), however this article does raise both sets of arguments with a slant and big centre on Rackspace, a US owned datacentre.

 

 

+ posts

Neil Cattermull, Director of Cloud Practice, Compare the Cloud

Neil's focus is on developing cloud technology and big data. You can often find him advising CXOs on cloud strategy.

Unlocking Cloud Secrets and How to Stay Ahead in Tech with James Moore

Newsletter

Related articles

Investment Opportunities for Startups and Technologies in AIย 

Although artificial intelligence developed from niche technology has become...

Four Surprising Lessons I’ve Learned Leading Tech Teams

Techies. Geeks. Boffins. Whatever your organisation calls its IT...

A Business Continuity Cheat Sheet

Right, let's be honest. When you hear "business continuity,"...

Challenges of Cloud & Ultima’s Solution to Transform Business

With the way that AWS and Microsoft dominate technology...

Data privacy concerns linger around LLMs training

We have all witnessed the accelerated capabilities of Large...