In his article about the risks to privacy, presented by the Cloud Computing paradigm, Saul Hansell ends it with this quote:
“Don’t put anything in the cloud you wouldn’t want a competitor, your government or another government to see”
The quote was taken from the World Privacy Forum report, this report is analysed in other parts of Saul Hansel text, but in my opinion this is the most interesting part. It’s a very short, powerful and obviously an alarmist quote, but it contains a message that we definitely shouldn’t ignore. The protection of our (user/corporation/company) private date is one of the hottest subjects on every IT area.
As the text goes on detail, on the Cloud Computing paradigm we start to talk about Service Provider and not only about IT departments or personal computers. These Service Providers will keep, or manage, your date inside the Cloud, but because this thing called Cloud has a physical representation, they have to deal with laws, and the question is: “Which laws should be used? The laws from the user’s origin country? The laws of the Service Provider’s origin country ? Same special interplanetary laws? “.
This question about user data protection is also one of the reason for the reduction the Cloud Computing service deployment. Some countries are demanding the strict following of standards and internal laws by a Service Provider that would operate in their frontiers (even if the Service Providers Datacenters are placed elsewhere). This demands are obliging Service Provider to delay their service deployment or to readjust their offers.
Although the legal perspective and protection is fundamental for Cloud Computing deployment, I think that we must continue to work in technical solutions that could help reduce these fears. One of the things that I consider fundamental is the development of an abstract layer that would work like a virtual file system between the browser and the server. This layer would encrypt the information on the client (browser) before send it to be service provider to be stored. I’ve talked about this idea on a Google Gears forum, but it looks like that this is something that A major service provider isn’t considering priority: