Tuesday, February 15, 2011

Cloud Computing and the Reasonable Expectation of Privcy Discussed in new Law Rveiew Article

I just finished an interesting article by Professor Weaver in the Mississippi Law Journal.  The title is The Fourth Amendment, Privacy and Advancing Technology.
I was particularly intrigued by the discussion of the implications of cloud computing:
In a modern society, many items of personal information are voluntarily conveyed to third parties. The advantage of cloud computing is that users are not tied to their computers (whether at business or at home), and therefore can access their data anywhere in the world.  Most commentators would be inclined to think that there is a reasonable expectayion of privacy in e-mail stored on ISPs and data stored on clouds.  The difficulty is that, since the information stored on the cloud is conveyed to a third party (the owner of the cloud) for storage, [the Supreme Court’s decisions] might suggest that the information is not protected against governmental prying.   . . .
Is it possible that such actions (phone calls, e-mails and cloud computing) are not protected by a reasonable expectation of privacy? One would guess not. . . .  Even if someone expects the phone company to maintain records of the phone numbers dialed by a customer, for long distance purposes or to prevent harassment, one ordinarily does not expect the phone company to monitor the contents of conversations. Like a letter that one sends through the mail, while it may be possible to determine to whom the letter was addressed, one would think that the contents of the letter are accompanied by an expectation of privacy. Similarly, when one sends e-mails through an ISP, or maintains data on a “cloud,” one does not expect the ISP or the company that maintains the cloud to monitor the content of the e-mails or the data stored on the cloud. After all, e-mails and clouds are protected by passwords and other security devices that allow only the customer to access the information and prevent the owner of the hardware from accessing it. As a result, one can argue that the content of the information has not been revealed to the third party.
This is the approach taken by the Sixth Circuit in a case I wrote about previously.  As I mentioned previously, the use of passwords and encryption is going to become increasingly important.  That is why the government efforts to obtain the ability to get past encryption is so significant.

No comments:

Post a Comment