Where do you store your cloud data, and can the US government access it? Many executives simply unaware, says Zettabox’s Jim Kinsella
The co-founder of cloud storage specialist Zettabox is surprised at how clueless many senior executives are about where their data is stored in the cloud.
That said, Jim Kinsella believes that people are growing increasingly concerned over the fact that the US government has the right to reach into the servers of any US-based cloud storage provider.
Data Sharing Lawsuit
Kinsella’s concerns come after the highly influential advisor to Europe’s top court recently delivered his stunning verdict on the validity of the data sharing agreement between the EU and US.
Advocate General Yves Bot told the European Court of Justice (ECJ), that the existing data sharing deal between the US and Europe is invalid and that members states can suspend data sharing with the US.
“The data-sharing agreement with the United States is not dead in the water,” Kinsella told TechweekEurope. “Bot’s input is a recommendation to the court, which will make the final decision in a few months time.”
Indeed, the ECJ judges are not bound by Bot’s opinion, but they tend to follow it in most cases.
“What I was surprised at what the heat at which Bot wrote his opinion,” said Kinsella. “He is clearly outraged, and has not held back at pointing fingers at European Commission people who fell down on the job.”
Kinsella is referring to decision made by the European Commission in July 2000, when they said that under the current ‘safe harbour’ scheme, the US did have an adequate data protection safeguards.
Advocate General Bot clearly believes that Commission decision was deeply flawed.
“Bot has not minced his words, and is clear that he thinks the US does not protect people’s data,” said Kinsella. He then explained that was the fundamental reason why he set up Zettabox, so that any European data actually stays in Europe.
“We understand the laws, and anyone who uses Zettabox can be reassured that all our servers are in Europe. We also offer the option for businesses to store their data in ten specific European locations, such as London, Paris, or Amsterdam,” he said.
“Data is better protected in Europe, and if you are a business trying to guarantee where your customer data is stored, you have to understand where that data actually sits,” said Kinsella. “Our conversations show that the majority of companies, big and small, have no idea where their data is sitting, and that is the most shocking thing about this.”
This issue of where cloud data actually resides, and who can gain access to it, has been thrust into the limelight recently following the lawsuit brought by Austrian lawyer Max Schrems, who was concerned that Facebook and others have (albeit reluctantly) shared the data of EU citizens with American intelligence agencies.
“Whatever you think about the Schrems case against Facebook, there are going to be massive implications for Facebook, Amazon Web Services, Dropbox, Google and others,” said Kinsella. “These firms are going to be challenged because they cannot guarantee the privacy of European citizens’ data.”
“Microsoft is already fighting with the US Department of Justice against a demand by US law enforcement that it hands over email records of a customer stored offshore in an Irish data centre,” said Kinsella. “There is a deep desire to change this situation among US tech firms, but the US already has an agreement with Ireland to access this data.”
“Lets be clear, all governments require data controllers hand over information to help stop a crime etc. It happens all time,” said Kinsella. “But the United States consistently overreaches in foreign countries. That is what makes this situation unique, and that is why we started Zettabox.”
“The United States has the right to reach into the servers of any US-based firm, even if that data is in Europe,” warned Kinsella. “I think the ongoing conversations between the EU and the United States over the data sharing agreement will have new urgency now.”
Kinsella pointed that President Obama has expressed data privacy concerns for foreigner nationals. Obama indicated in June last year that he was prepared to allow European citizens to sue the United States over the misuse of their personal data.
But Kinsella said that Obama is hampered by his hawkish Attorney General who wants to use every tool in the US armoury, plus the fact the US is heading towards a potentially nasty general election.
“A lot of our customers are fundamentally concerned at US snooping,” said Kinsella. “One of customers has told us that they need to know where their data is because of copyright issues. Other private clients don’t want to lose their data to US controlled servers that can be easily accessed by US officials.”
So what is Kinsella’s final thoughts on the issue of cloud data location?
“My overriding thought is that it is surprising all those companies that don’t come to us,” said Kinsella. “They are quite clueless about where their data is, and the cloud is very political when talking about cloud storage.”
“I have to say that I am shocked at those companies that don’t know, or don’t question, where their data is stored,” said Kinsella.
“I was speaking to a very senior executive what about cloud sharing tools he uses,” he said. “The executive said he uses Dropbox, and the meeting suddenly became a bit awkward when one of his own people pointed out that Dropbox was not authorised, as all of Dropbox sits on servers belonging to Amazon Web Services. This means that all his confidential corporate data was sitting on servers on the East coast of America. It was crazy.”
Are you a cloud computing expert? Try our quiz!