Re: [Discuss] Discuss Digest, Vol 6, Issue 9
Rich Braun ri...@pioneer.ci.net I've been targeted in a John Doe case in which a mere law firm (not a law enforcement agency) served a subpoena against a major email provider. The rules are pretty hazy and your data definitely is not safe from prying eyes. This is an interesting topic. As people are moving storage to the cloud, there are many privacy and trade secret issues that are not yet fully addressed by the case law. I am doing a legal research paper this semester focusing on exactly this issue. It would be much appreciated if you could share some of the technical issues on this subject, such as what encryption efforts are normally done, how effective is the encryption, etc. I would be more than happy to share my write up with the list after it's done. Thanks in advance! Regards, HYC ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
Re: [Discuss] Discuss Digest, Vol 6, Issue 9
Rich Braun ri...@pioneer.ci.net I've been targeted in a John Doe case in which a mere law firm (not a law enforcement agency) served a subpoena against a major email provider. The rules are pretty hazy and your data definitely is not safe from prying eyes. This is an interesting topic. Yes, very interesting from a legal and technological point of view. As people are moving storage to the cloud, there are many privacy and trade secret issues that are not yet fully addressed by the case law. I would say that the law is actually fairly settled, and it is scary. No one seems to be addressing or even knows that your right to privacy in the cloud is non-existent. Once your data is in the hands of someone else, they have no real right to protect it unless they are your legal counsel. The government has the right to access your data without a warrant and the ability to demand that your agent NOT tell you. (read up on NSA letters) What's worse is that your agent has no legal requirement to use its 4th amendment right to fight for you. In fact, it comes down to cost. If you are a $20/month customer, would your cloud provided spend millions to defend your privacy? I am doing a legal research paper this semester focusing on exactly this issue. It would be much appreciated if you could share some of the technical issues on this subject, such as what encryption efforts are normally done, how effective is the encryption, etc. I would be more than happy to share my write up with the list after it's done. Thanks in advance! Regards, HYC ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
Re: [Discuss] Discuss Digest, Vol 6, Issue 9
On Nov 4, 2011, at 2:14 PM, Hsuan-Yeh Chang wrote: 1. Is there a way to encrypt data stored with cloud services (such as dropbox) that can be decrypted only by the data owner, not by agent? I believe PGP can do a pretty good job, am I correct? Sure it can, but one of the reasons that DropBox is great is because it saves incremental backups of your files (tracking changes and the like). If you start encrypting them you loose this - also, if you're encrypting an image of some kind (so you don't have to enter a passkey every time you access the file - ie unencrypting a file at a time) then you'll have massive changes to upload every time you access files. So yes - but it's probably not workable (yet - maybe a good business idea) 2. If I send an e-mail (with attachment) from Gmail to Hotmail, would both Google and Microsoft keep this e-mail on their respective servers forever? Probably - at least they would reserve the right to Wouldn't that quickly explode the service provider's storage space? Disk space is cheap - 'cloud storage' anyone? Would the ISP also keep a copy of that e-mail? Gmail (at least) uses (correct me everyone) SSL transport encryption when it can so hopefully your ISP won't know whats in there - I wouldn't bet on it though Dan (with tinfoil hat on) O'Donovan ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
