SSRN Home Search and Download Papers Browse Abstract and Paper Submission Subscribe to Networks View Briefcase Top Papers Top Authors Top Institutions

 

Abstract

  
 

Footnotes (174)

Beta

 		 


 


Download | Share | Email | Add to Briefcase | Buy Hard Copy

Caught in the Cloud: Privacy, Encryption, and Government Back Doors in the Web 2.0 Era

Christopher Soghoian
Indiana University Bloomington - School of Informatics

August 17, 2009

Berkman Center Research Publication No. 2009-07

Abstract:     
Over the last few years, consumers, corporations and governments have rushed to move their data to “the cloud,” adopting web-based applications and storage solutions provided by companies that include Amazon, Google, Microsoft and Yahoo.

Unfortunately the shift to cloud computing needlessly exposes users to privacy invasion and fraud by hackers. Cloud based services also leave end users vulnerable to significant invasions of privacy by the government, resulting in the evisceration of traditional Fourth Amendment protections of a person’s private files and documents. These very real risks associated with the cloud computing model are not communicated to consumers, who are thus unable to make an informed decision when evaluating cloud based services.

This paper will argue that the increased risk that users face from hackers is primarily a result of cost-motivated design decisions on the part of the cloud providers, who have repeatedly opted to forgo strong security solutions already used in other Internet based industries.

With regard to the intrusion upon user privacy performed by government agencies, fault for this privacy harm does not lie with the service providers; but the inherently coercive powers the government can flex at will. The third party doctrine, which permits government agents to obtain users’ private files from service providers with a mere subpoena, is frequently criticized by privacy scholars. However, this paper will argue that this doctrine becomes moot once encryption is in use and companies no longer have access to their customers’ private data. The real threat to privacy lies with the fact that corporations can and have repeatedly been forced to modify their own products in ways that harm end user privacy, such as by circumventing encryption.

Keywords: cloud computing, privacy

Working Paper Series

Date posted: June 18, 2009 ; Last revised: August 24, 2009

Suggested Citation

Soghoian, Christopher, Caught in the Cloud: Privacy, Encryption, and Government Back Doors in the Web 2.0 Era (August 17, 2009). Berkman Center Research Publication No. 2009-07. Available at SSRN: http://ssrn.com/abstract=1421553


Export to: Export Citation What's this?

Contact Information

Christopher Soghoian (Contact Author)
Indiana University Bloomington - School of Informatics ( email )
901 E 10th St
Bloomington, IN 47401
United States
Feedback to SSRN (Beta)


Paper statistics
Abstract Views: 1,045
Downloads: 227
Download Rank: 37,367
Footnotes: 174
People who downloaded
this paper also downloaded:
1. Online Advertising, Identity and Privacy
By Randal Picker

© 2009 Social Science Electronic Publishing, Inc. All Rights Reserved. Terms of Use  Privacy Policy
This page was served by apollo3 in 0.109 seconds.