OPINION: LEFT TO MY OWN DEVICES: Hey, you, go ahead and come onto my cloud

·5 min read

Jul. 27—Many people like to tag their email signature line with inspirational, philosophical, or humorous quotes. We tend to skim over or wholly ignore email signatures. We already know your name by virtue of you being the sender. Your company name, address, phone number ... all that we either know or don't need. You've already gotten our attention. It's a loss, then, too many times when you add that very personal touch of a quotation and we aren't observant enough to take it in.

I do fairly well with staying engaged for the entirety of an email, even the signature line and quote. Some correspondents ping me dozens or more times daily or weekly. Theirs, I assume, are more likely to get the skim-over. Usually, time permitting, whenever I see a new sender's name, or I get an email from someone I rarely do, or someone whose authority or position I truly respect, I'll be more caring about reviewing the entire message. Many of the more highfalutin types demonstrate their level of operation with their brevity: no title, no formal salutation, and certainly no personalized quote.

One colleague of mine added a quote that, despite my missing whether it's since changed, will always be memorable and true. They're by far the more prolific technologist, so when they added the quote I'm referring to, it rang loudly: "Putting your data on 'the cloud' is just another way of saying you put your data on someone else's computer."

When you conjure a visual of "the cloud," you might revert to childhood, lying in some bucolic, rich, green carpet of grass gazing up as clouds pass. You'd try to see within the cumulus or cirrus globs more familiar forms: "That's a rabbit!" "Oooo, a mushroom!" We're still trying to figure out just what a cloud is albeit now digital rather than water vapor in nature.

The one thing that seems similar is that our data-bearing clouds are just as mysterious as the child's eyes' rabbits or mushrooms. Our data does not go to the cloud and waft around in forever morphing nondescript semblances of imagery. The cloud is much more logical and intentional. And, as my colleague wrote so truly, it's simply someone else's computer, an image you can envision. This invites the topic of security. If you can't see that because the cloud, itself, or better said cloud computing, confounds you, test your fears. Take your smartphone, make sure it's password protected or otherwise secured so that any ol' Joe Lunchbucket out there couldn't get into it. Then, just hand it over to Joe to possess for an hour or so. Walk away. Feel secure?

"The cloud" became a label for the remote landing spot of your data not that long ago. In the early 1990s the term crept into the tech community when so-called distributed computing became a strategy, or grew as a strategy. Companies, governments, and other large consumers of data were finding their storage coffers bursting. Contracted services sprung up such that vast arrays of data farms—again, call them what you will, but they're simply piles of computers somewhere—had the capacity to store those data until the proper owner needed to access them. Meanwhile, said owners had to just trust that the valet wasn't going to take their car out for a joyride while they were dining, to mix metaphors. The security implications quickly became part of the conversation.

For all of cloud computing's solutions provided, there are ample issues too, security not being the only one. Where the data are stored might be very hard to identify when needed. When you can identify the cloud computer where your precious data are, you immediately need to ask, "Okay ... How about now?" Data can always be on the move while in the cloud, or one of the clouds, or that one cloud's cloud partner. Enter the concept of backed up data, and the layers pile on.

Maybe you don't care where, geographically, your photos are being stored on the cloud(s). You just want to see them when you want to. Use Gmail, Yahoo!'s email, Hotmail, AOL? If it's the latter, you likely already checked out from this piece, or are waiting to dial into the world wide web to read this piece. No matter, all those emails go "up" to the cloud, bounce around amongst various clouds, get backed up onto some other cloud, ad nauseum. Sometimes, to make it all the more graspable, mere pieces of your photos, songs, or debit card numbers shuffle off to Cloud A while other pieces of it find Cloud B as their home. Try to sort all that out!

While you may not be compelled to sort it out, law enforcement and other legal actors must. After all, if you commit a crime in Arizona, it's unfair to try you in Kentucky, right? Where the data are, when it comes to cybercrimes, is as important as where the holdup occurred. I'm invoking the complicated legal tenet of jurisdiction.

In 2019, A.G. William Barr and current U.K. Home Secretary Priti Patel tried to help sort out this dilemma. The U.S.-U.K. Data Access Agreement, a treaty agreement facilitated by America's Clarifying Lawful Overseas Use of Data Act—Get it? CLOUD Act? Clever legislators—signed into law in 2018 enables these bilateral trades of data in spite of their multijurisdictional nature.

The U.K. version will undoubtedly be followed by others. Crime-fighting may be bolstered by the free-flowing results unencumbered by complex procedural hurdles that jurisdiction leads to. Though along the conventional lines of security risks, now even more than ever our cloud data is prone to access points all over the globe. I suppose that's not new, or anymore understandable at least. Whether rabbit, mushroom, or data storage, the picture's still a bit cloudy.

Ed Zuger is a professor of cybersecurity, an attorney, and a trained ethicist. Reach him at edzugeresq@gmail.com.