Your Data in Australia is subject to the US Patriot Act
One of the great advantages of cloud computing is the ability to compute across borders, thereby insulating a business from any localized issue that can potentially disrupt work (Earthquakes and Cloud Computing ). However, this necessarily means that business data is scattered across the globe, leading to possible legal and political complications (Computing Without Borders – What Works, What Doesn’t ).
Some time back I had written about a potential threat to consumer rights under the US PATRIOT Act, a threat that is somewhat protected against by the Fourth Amendment to the US Constitution but loses that protection in the cloud (Is Cloud Computing a Threat to Consumer Rights? ). Now, it seems that that threat goes beyond American borders, reaching out to Australia halfway across the world.
Now, some of you may very well chafe at the use of the word “threat” in this context. After all, you will argue, when the government wants to access private data for public good, it is in everyone’s interest to cooperate. While I wholeheartedly agree with the need for greater scrutiny in our current terrorism-stricken world, I feel it is only right to point out that there is a fine line between a caring government and an Orwellian Big Brother who dictates every sphere of human activity. After all, McCarthyism was right by the laws of its time, but subsequent generations have condemned it.
Make no mistake about it: I am not advocating individual or corporate rights over those of the society; I just believe there should be adequate safeguards available to ensure that in pursuit of protecting one of them, we don’t trample over the others.
According to Australian cloud computing company Ninefold, any data residing on Amazon servers in Australia would possibly to US legislation, specifically the US PATRIOT Act. This assertion was made even as Amazon CTO Werner Vogels tours Australia in a visit that analysts have speculated as being in the interests of Amazon’s introduction in the country.
“There are … critical considerations around data sovereignty and US-headquartered organizations, regardless of the location of the data center,” Ninefold’s local managing director Peter James said. “The US Patriot Act and the US Constitution affects data stored in AWS (Amazon Web Service) data centers wherever they are – even in Sydney.”
In an effort to highlight possible privacy issues, Ninefold had given considerable publicity to a recent FBI raid at a US-based data center operated by DigitalOne. The hosting company wasn’t informed about the raid until three hours after it had begun — and the end customers were kept completely in the dark.
“If DigitalOne hadn’t communicated with their customers, affected businesses would have had no idea that their website outage was not down to the usual suspects of technology or error, but instead due to their valuable data sitting in the back of an unmarked black van speeding away from the scene,” Ninefold had communicated on its company blog.
Now, this may be a scare tactic, but Ninefold has also warned that even if a business is storing “innocent” data, a hosting customer could still be impacted if “the Feds go after someone hosted on the same infrastructure”. “This means your data, while housed outside North America, can be taken and withheld by government and police with no warrant or due process simply because your provider is a US registered company,” it warned.
While Ninefold has its own motives in discouraging use of possible future Amazon service, being a rival to the American company, its claims do merit a closer look.
By Sourya Biswas