The American Civil Liberties Union, based in New York, NY, reported that the US government claims the right to read personal data online without judicial authorization. This trend is not unique to the US government. Many governments around the world also request these service providers.
According to the statistics published by Google, it received more than 16,000 requests for information that affected more than 31,000 users in 2012. The same Google statistics indicate that it provided information in more than 85% of the requests.
In 2012, Microsoft received more than 70,000 requests affecting more than 120,000 accounts. While this is a much higher number, Microsoft only produced information about these requests about 2% of the time. Nearly 80% of the requests asked Microsoft to disclose only subscriber and transaction information.
Businesses and individuals can take simple steps to prevent thieves, businesses, and the government from gaining access to online storage containing private information.
Here are some basic ways to protect or encrypt data to prevent teary-eyed people from seeing sensitive and/or personal information:
1) Data can be encrypted before being stored in the cloud. Products like TrueCrypt, Privacy Drive and MyInfoSafe allow the user to encrypt their data. This type of encryption can be performed for both files and folders before storing them in the cloud.
2) Use an “on-the-fly” encryption product that encrypts data just as it is stored by almost any online storage provider. Products like BoxCryptor, Cloudfogger, SafeMonk, and Viivo integrate with the cloud storage providers of your choice and encrypt data locally, but seamlessly, before it’s stored in the cloud. These services provide completely storage provider-independent encryption, ensuring that even employees of the storage provider cannot access data stored in your company’s cloud.
3) Choose a provider that encrypts data as part of their service. Storage-as-a-service companies like SpiderOak, iDrive, and Comodo not only transfer your data over an encrypted protocol, these companies also store data in an encrypted format, preventing easy viewing by those without an access key. your data. It is unknown if there is a backdoor they can use to access the data stored on their servers.
Companies are highly sensitive to government information requests due to their legal responsibilities under privacy laws such as HIPAA and the Gramm-Leach-Bliley Act. Therefore, in highly regulated industries such as financial services and health care, companies must strike a balance between government oversight and consumer privacy.
The US Electronic Communications Privacy Act of 1986 was enacted in the early days of the Internet. The law did not require government investigators to obtain a search warrant to request access to emails and messages stored in online repositories. In 2001, the PATRIOT Act further added the federal government’s authority to search records under its “Library Records” provision, offering a wide range of personal material you could dig into.
We are not suggesting that people try to circumvent the PATRIOT Act. But companies and individuals must do what they can to comply with data privacy issues. It should be up to the organization or individual to set a policy regarding exactly what, when, and to whom they disclose information from their cloud service provider.