Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

How to keep the feds from snooping on your cloud data

Lucas Mearian | May 17, 2013
Virtual padlocks can keep storage providers — and the government — from accessing data in the cloud

While Leichter said CipherCloud's cloud encryption business is "growing rapidly," he would not expound on whether his company plans to begin selling a consumer-class product anytime soon.

Businesses are acutely sensitive to government information requests because they're also beholden to privacy laws, such as HIPAA and the Gramm-Leach-Bliley Act. So, in highly regulated industries, such as financial services and healthcare, businesses must strike a balance between government oversight and consumer privacy.

"They feel they can't comply with local privacy laws and have their data subject to Patriot Act. We allow them to encrypt their data in the cloud and they keep the encryption keys," he said.

The U.S. Electronic Communications Privacy Act of 1986 came along in the early days of the Internet. The act did not require government investigators to obtain a search warrant for requesting access to emails and messages that are stored in online repositories.

In 2001, the Patriot Act further added to the authority of the federal government to search records under its "Library Records" provision, offering a wide range of personal material into which it could delve.

"You can argue that people shouldn't try to skirt around the Patriot Act, but they're also trying to comply with data privacy issues," Leichter said. "When some government agency requires information disclosure, most organizations I know would like to make that decision themselves and not have the cloud provider make it for them."

 

Previous Page  1  2  3 

Sign up for CIO Asia eNewsletters.