In “Cloud Storage Makes Cents, But No Sense,” Brian Bailey makes an interesting economic case against using cloud storage.
But the story is deeper than that. A lawyer told me that you lose attorney-client privilege on communications conducted in the Cloud. He said that privilege requires one to have control over the communication and/or documents, and the courts have ruled such control does not exist in the Cloud (I'm no lawyer so can only recount what he said). This is a problem for people working with the law, of course, but a potential problem for anyone who may find themselves and their data in some legal trouble. That e-mail you sent while a bit inebriated to an ex-girlfriend twenty years ago could create trouble when you're presented with a dubious paternity suit.
Some (many? all?) Cloud services scan the data looking for images any reasonable person would consider horrific. Now, I'm sure none of us have any, but who thinks these scans are 100% accurate? You could get nailed because your compiled C code that did nothing more harmful than innocently attack SCADA systems looks like a bit little Jeremy. Encryption may take a text file and generate some binary that vaguely looks like Jesus on a piece of toast. Societal norms on what is offensive and illegal vary over time.
What if the RIAA (Recording Industry Association of America) and MPAA (Motion Picture Association of America) get their lackeys in the U.S. Congress to slip a mandate into section 53.291(a) subchapter (w) of some 2,500-page bill that requires Cloud services look for copyrighted material? How will we prove the music we ripped from a CD was legally purchased, though maybe long ago?
Another problem is no one really knows where the data is or how it is stored. It's likely held in multiple copies and locations. Does deleting it really work? How do you know?
If the data is only on your local computer, perhaps the U.S. National Security Agency (NSA) and agency on the planet does not have a copy of it. If the data transits the net to a Cloud server, well, we know James Clapper has given us his most sincere assurances that no one looks at it. And that even if they do, their security is absolutely air-tight. Unless some high-school dropout is involved.
It seems Kim Dotcom's Megaupload “service” was hosted on a Cloud provider's servers, and that company deleted all of the data. Perhaps the cops were involved. But what if your data is saved somewhere out there and the provider suddenly goes belly up? What if some law enforcement action is taken against some other company whose data is hosted on the same servers that contain your information — who is to say an indiscriminate wipe won't take out your stuff? Remember, that law enforcement agency may be from some other country with looser rules and constraints than practiced in your home country.
Don't forget Liebson's Law: any new technology takes 10 years before we really understand the implications and issues . The Cloud is attractive, but the risks may exceed the benefits. Weigh the potential downside versus possible problems.
Jack G. Ganssle is a lecturer and consultant on embedded developmentissues. He conducts seminars on embedded systems and helps companieswith their embedded challenges, and works as an expert witness onembedded issues. Contact him at . His website is.