Tuesday, January 3, 2012

Why You Need to Get Your Head and Emails Out of the Cloud

By Kyle Gonzales

What would you say if I told you that someone in the U.S. Congress was trying to pass a law allowing authorities to access your e-mails or documents stored online for longer than 6 months WITHOUT A WARRANT?

Now what if I told you that you were too late, that it was already signed into law 25 years ago?

The year was 1986. The same year as the Iran-Contra scandal, the Space Shuttle Challenger disaster, and the Chernobyl meltdown. Little did anyone know that a privacy disaster was being signed into law by Ronald Reagan, ironically titled the Electronic Communications Privacy Act (ECPA).

The ECPA was created as an amendment to the Wiretap Statute written in 1968. The purpose was to extend the government's restrictions on wire taps of telephone calls to electronic data transmitted via computer. In many ways the law was very forward thinking and protected a medium of communication that was not yet widespread.

However, this law had a fatal flaw that has come back to haunt us. When the law was written, the Justice Department argued that e-mail residing on a server for long periods of time should be considered "abandoned" and no longer private. This assumption was made because in 1986 e-mail was not stored on the servers for long periods of time due to storage costs. Congress agreed, and set the limit for privacy protections in the ECPA to 180 days. E-mail stored on servers for longer than 180 days could be made available to the authorities with a subpoena issued without the approval of a judge.

Fast forward to 2011. People have GMail accounts with 5+ years of e-mail stored online with an ever-expanding availability to keep even more. The same is true with Hotmail, Yahoo Mail, and even Facebook. Many people do not even bother to download their e-mail at all, reading it via webmail interfaces.

Further, people have information stored online beyond just e-mail. Their calendars, contacts, business documents, personal diaries and more are all stored online. New services like Dropbox and Apple's iCloud encourage automated synchronization of the files on your computer with their servers online. Much of your data is stored in the cloud and therefore is open for the government to grab without a warrant once it has been online for more than 180 days.

At this point, you might feel powerless to escape the privacy hole created by this law, especially with so much of your data being pushed online and into "the cloud". Fortunately, however, there are proactive steps that you can take to get more privacy and protect your data.

Read the rest here.

1 comment:

  1. Whilst Apple's iCloud is a(n)(almost) great system, I do not like not being able to backup to both a physical computer AND the cloud simultaneously; you have to chose one. As such, I still back up to my computer and not the cloud. Look, call me old-fashioned, but I still see things as digital files as "things" to move, manipulate, and save. Cloud computing is so, excuse the pun, nebulous. Well, then again, I see money as an actual "thing," too, and not digits on a computers screen.

    Further, unless I'm missing something, there's no direct interface to see what you've got stored like an IMAP mail system or FTP site which goes along with the second bit above.