Online File Storage from Google, Dropbox and Microsoft - One More Thing about CISPA


At the risk of being accused of being grumpy, if you read my previous posting on the U.S. House of Representatives passage of the Cyber Intelligence Sharing and Protection Act (CISPA) yesterday, you may have discerned a bit of discomfort on my part with the issues surrounding the sharing of my personal data by various online companies with the National Security Agency (NSA). It is not that I am paranoid, it is the fact that everyone is after me. Unfortunately, they are probably after you as well.

There is madness in my method. 

This past week saw an escalation in the arms race to put more of me and you in the cloud. The introduction of Google Drive, the update really of Google Docs which will store my files in the cloud, is just the latest in a series of siren songs to entice all of us to off-load “E”verything from our hard drives. What makes this so desirable is along with Dropbox and Mircosoft SkyDrive, I now have lots of “free” options to store my files with inexpensive monthly fees if I really want to store tons of stuff.

The value proposition is actually compelling. No more worries about the blue screen of death from a hard drive crash, although I happen to already use Carbonite to protect myself from this misfortune and the misery of remembering to backup my hard drive on an external device. No more problems of overloading a smartphone or a tablet. No more hassles of sending emails with attachments that are too big for my ISP. In other words, no worries, right? Wrong!!!!

First, Google is notoriously lax when it comes to handling the personal information of mine they already have. Second, I saw a comment on a favorite blog I read that said something to the effect of, “If I offered to store your Social Security card for free, would you take me up on it?” Third and most importantly, it would behoove everyone to actually read the terms of service (TOS) of all of the above. These are there because of the companies’ fears of being sued for copyright infringement. Therefore, they are all careful to say they do not “own” the content stored on their sites. Then it gets dicey. 

 I won’t go through all of fine print, but buyers beware.   Here is an excerpt from Apple’s iCloud TOS just for grins.

Except for material we may license to you, Apple does not claim ownership of the materials and/or Content you submit or make available on the Service. However, by submitting or posting such Content on areas of the Service that are accessible by the public or other users with whom you consent to share such Content, you grant Apple a worldwide, royalty-free, non-exclusive license to use, distribute, reproduce, modify, adapt, publish, translate, publicly perform and publicly display such Content on the Service solely for the purpose for which such Content was submitted or made available, without any compensation or obligation to you."

They may not claim ownership, and may only do as you instruct, but there is also no liability on their part if things go wrong. Google calls Google Drive a “safe place.” However, on its Policies & Principles page it notes the following:

Our privacy principles remain unchanged. And we’ll never sell your personal information or share it without your permission (other than rare circumstances like valid legal requests).     

The last little tidbit brings me back to CISPA. How “rare” might valid legal requests be under CISPA? Since the goal is to share info and catch the bad guys, the idea of notifying that my information is being shared would defeat the purposes of the bill.   It is bad enough that Google is keep track and storing way too much about me already, although I am a sucker for its convenience and accepted its privacy terms even though I hardly trust them. But, what happens if they get all of my business or personal files, you know like the spread sheets used for tracking all of your household finances, are “legally requested?”   Do I really trust Google or anyone else not to pry so they can use predictive analytics to hone their pitch to their advertisers? Past behavior on this front is not encouraging.

Trust is the coin of the realm going forward in the online world. CISPA has me thinking that it may be time to create a storage area network in my home and use an old external hard drive, clustered with an old PC, to store “E”verything and pray my domicile is not destroyed by flood, fire or wind. 

Enterprises have questioned how much of their critical information they are willing to put in the cloud based on security and compliance concerns. It may be time for all of us to become a bit more circumspect as to the places we put things and the permissions we grant as a tradeoff for convenience. Peace of mind is after all priceless. One can only hope that as cyber security legislation moves through the legislative process either now or after the election that lawmakers understand the price of privacy. There seems to be ample reason to distrust both big government and big business, and the combination could be hazardous to our collective psyches if not our overall health.

Edited by Stefanie Mosca
Related Articles

Coding and Invention Made Fun

By: Special Guest    10/12/2018

SAM is a series of kits that integrates hardware and software with the Internet. Combining wireless building blocks composed of sensors and actors con…

Read More

Facebook Marketplace Now Leverages AI

By: Paula Bernier    10/3/2018

Artificial intelligence is changing the way businesses interact with customers. Facebook's announcement this week is just another example of how this …

Read More

Oct. 17 Webinar to Address Apache Spark Benefits, Tools

By: Paula Bernier    10/2/2018

In the upcoming webinar "Apache Spark: The New Enterprise Backbone for ETL, Batch and Real-time Streaming," industry experts will offer details on clo…

Read More

It's Black and White: Cybercriminals Are Spending 10x More Than Enterprises to Control, Disrupt and Steal

By: Cynthia S. Artin    9/26/2018

In a stunning new report by Carbon Black, "Hacking, Escalating Attacks and The Role of Threat Hunting" the company revealed that 92% of UK companies s…

Read More

6 Challenges of 5G, and the 9 Pillars of Assurance Strategy

By: Special Guest    9/17/2018

To make 5G possible, everything will change. The 5G network will involve new antennas and chipsets, new architectures, new KPIs, new vendors, cloud di…

Read More