Cloud Computing and Human Rights - Research Paper Example

Cloud Computing and Human Rights Table of Contents I. Abstract 3 II. Introduction 3 III. Discussion 5 A. Cloud Computing 5 B. Cloud Computing and Privacy Rights 6 References 10 I. Abstract The paper discusses the statement that cloud computing has the potentiality to be the source and creator of some of the biggest violations of human rights in the new century. Starting from a general overview of cloud computing and the context of the discussion with regard to the nature of human rights violations under the age of the Internet and cloud computing, namely privacy and ownership rights, the paper focuses on the impact of cloud computing on privacy, citing specific examples of individual and massive breaches in privacy perpetuated by insiders and by entire governments. Along the way, the paper touches on the legal regimes that regulate surveillance of cloud activities, and the basis of such laws in more fundamental laws relating to privacy rights. The paper also touches on the concerns that individuals and governments have with regard to the way cloud computing wrestles control of data from users, and how such control issues weigh on decisions by individuals and governments to move their activities over to the cloud (Ion et al. 2011; Solove 2007; Warren and Brandeis 1890; Necessary and Proportionate 2013; ACLU of Massachusetts 2013; Judge 2013; Brown 2013; Timberg 2013; Schneier 2013; Chen 2010; Davies 2013; Johnson 2013). II. Introduction This paper discusses the statement that cloud computing, in the new century, has the potentiality with regard to the creation of the largest violations of human rights. This statement pertains to cloud computing as a potential platform for the breaching of the privacy rights of individuals, and those corollary rights that pertain to privacy rights, including the right to privacy of health information and other corollary rights. Cloud computing refers to the use of online storage and applications, including social media, platforms for sharing documents and images, and the way users are made to agree to user agreements that may compromise data privacy rights in favor of greater use of such personal information by service providers, among others. Such breaches of privacy rights and the issues tied to that extend to the way governments have come to have access to private citizen data as they are generated from their smart phones and other computing devices, including personal computers and tablets, and how such access is made without explicit consent and knowledge of citizens in various parts of the world. The violations of privacy rights can be gleaned from a cursory look at the literature to be pervasive and crosses social and national boundaries, and that in turn poses serious questions with regard to the overall desirability of cloud computing platforms when it comes to individuals who are wary of the intrusions into their private data by governments and private enterprises, and by the way such intrusions can result in the safety and overall integrity of the human person being compromised. This in turn poses questions with regard to the overall desirability of alternatives to cloud computing, such as the use of private, offline storage and applications, to circumvent surveillance by various governments and third parties and to secure the privacy rights of human beings around the world (Ion et al. 2011; Solove 2007; Warren and Brandeis 1890; Necessary and Proportionate 2013; ACLU of Massachusetts 2013; Judge 2013; Brown 2013; Timberg 2013; Schneier 2013; Chen 2010; Davies 2013; Johnson 2013). III. Discussion A. Cloud Computing There are aspects of cloud computing that the public considers to be intrinsic to the use of such Internet-based or cloud-based services, such as email and the sharing of various documents and images, and other content, that are not safe from the point of view of privacy, and that these intrinsic aspects of cloud computing are more or less factored into considerations for use of such cloud computing services, platforms, and applications. In the concrete, where the general public is concerned, the understanding from the literature is that this is not very secure from intrusion, and this is accepted as being true for all Internet based accesses in general. On the other hand, there is also the understanding that cloud computing for end-users can benefit from greater security and greater privacy, to the point where such consumers are willing to fork out extra money to secure their privacy and security. On the other hand, even with the understanding by consumers that the Internet and cloud computing in general yields compromises to security and privacy, consumers nevertheless expect providers to have certain potential liabilities for breaches in client privacy and data security. There are also aspects of cloud computing and user attitudes towards cloud computing that are varying depending on the culture and the country, so that other countries are more accepting of data intrusions by third parties, such as government, than others (Ion et al. 2011). Taking a step back, cloud computing in general has to do with the computing delivered over the Internet on an as needed basis, as opposed to traditional computing where the computing infrastructure bases computational power on the local station, such as the desktop and the smart phone. In the latter setup both storage and computing power are located at the terminal end, whereas in cloud computing the applications and the storage exist on a server in the cloud or on the Internet, and the user accesses the applications and the computing resources, including the storage, as the user needs those. This is computing as a service that is being pioneered by a few large Internet giants with the money and the infrastructure to build cloud computing resources to the right scale. These include Google, Amazon, and Microsoft. There is a marked trend towards more and more people making use of cloud computing platforms and services by default, owing to the fact that many of the current and coming crop of so-called web 2.0 services make use o such cloud computing platforms and resources by default. (Johnson 2013), B. Cloud Computing and Privacy Rights Apps made by giants such as Google, including email and a host of other apps that improve productivity, also reside on the cloud, prompting warnings from computer scientists such as Richard Stallman to issue warnings about the dangers and the flipside of consumers handing over data to giant third parties, who can use their data against their privacy wishes and in breach of their privacy rights, as well as their ownership rights. In the latter case third party cloud providers can effect the denial of access of consumers to their own data, for various legal and/or commercial reasons Commercial reasons can include customers not being able to pay fees for the use of certain cloud computing and storage services, From the perspective of those opposed to the use of cloud computing, the key issue is one of control, where users are unable to make use of their data as they see fit, but rather become prey to the whims and motives of those who control the cloud storage and software (Johnson 2013). This line of thinking is corroborated by recent decisions by some entities, such as the Government of Sweden, to ban the use of Google Apps as cloud-based application services, for the very reason that there is a certain level of opaqueness in the way processes data for its data mining activities and with regard to who exactly among the subcontractors of Google has access to data that resides in its cloud. These are precisely the reasons cited by the agency for data protection in Sweden. The thinking is that for a government such as Sweden, such uncertainties translate to uncertainties with regard to the integrity of the privacy of data on Sweden's citizens, and ultimately translate to a loss of control, as has been discussed by Stallman. The heart of the issue for Sweden with regard to its rejection of Google's cloud apps platform for its potential use in various government agencies in Sweden is precisely this uncertainty and lack of control (Davies 2013). This lack of control then spills over into issues with regard to the privacy rights of individuals who make use of Internet/cloud services, and how those rights may be compromised not just by outsiders wanting to get into the system to leverage data for illegal and dangerous uses, but by insiders, such as employees and contractors, who may have access to confidential data and who may use such data for purposes that undermine the safety and privacy of its users. This is the case for instance with a Google engineer who has been found spying on four minors, making use of inside access to data in Google servers to illegally transgress the privacy rights of the minors and put their lives and security in danger (Chen 2010). Then there is the larger reality of the transgression of human rights on a larger scale, as it relates to surveillance and the pervading attacks on the privacy of individuals by governments, which have the potential indeed to be the biggest cases of violations of the human and privacy rights of whole peoples and nations. At the heart of the matter is the competing claims of government to secure the well-being of its citizens from rogue elements such as terrorists and criminals who leverage the Internet to defraud and destabilize government and the general society and on the other the need for citizens to be protected from unlawful intrusions by the very governments into their data and into the most confidential aspects of their lives. Such has been the battle offline with regard to the privacy rights of individuals on the one hand and of the government's need to access citizen data for various purposes, and the ascent of cloud computing extends the battleground from the streets to the online world, where the stakes can be much higher owing to the general greater facility with which governments and third parties can access, aggregate and cull insights from data gathered from surveillance activities. Where it was necessary for instance to elucidate the privacy rights of individuals in the past, it has now become likewise necessary for instance for interested stakeholders to try and scope the limits and the conditions where the surveillance of persons and whole populations can be sanctioned need the application of abiding principles with regard to the securing of the privacy and related human rights of those who are being spied upon (Ion et al. 2011; Solove 2007; Warren and Brandeis 1890; Necessary and Proportionate 2013; ACLU of Massachusetts 2013; Judge 2013; Brown 2013; Timberg 2013; Schneier 2013; Chen 2010; Davies 2013; Johnson 2013). In the United States, the case of spying by the NSA, and the flurry of activities and actions that resulted from such spying as it was made public by a few whistleblowers, such as Edward Snowden provides the perfect example of the possible massive intrusions to the privacy and human rights of individuals that can occur in the age of the internet and of cloud computing. The reality is that enabling laws that basically make it legal for governments to get into its citizens' data on the Internet and over telecommunications networks are in place, and have been for many decades now. What is new is the scale of the intrusion as revealed in recent times, and the degree with which the NSA has breached public email infrastructures such as Gmall and a host of other established cloud computing services and applications, including mobile, to perform massive data gathering and surveillance of its citizens (Brown 2013). Various stakeholders have responded to the surveillance and the breaches of privacy rights by the government in various ways. Engineers have called for changes to the infrastructure to make it secure from NSA spying. Cloud consumers have left US cloud providers out of security and privacy concerns. Cloud providers such as Google have come up with data encryption initiatives to secure the privacy rights of users. All these actions underscore the massive human rights violations now occurring in the cloud, and the extreme reactions attest to the desire of cloud consumers to push back (Ion et al. 2011; Solove 2007; Warren and Brandeis 1890; Necessary and Proportionate 2013; ACLU of Massachusetts 2013; Judge 2013; Brown 2013; Timberg 2013; Schneier 2013; Chen 2010; Davies 2013; Johnson 2013). References ACLU of Massachusetts. 2013. NSA calls the iPhone using public 'zombies' who pay for their own surveillance. Privacy SOS. http://www.privacysos.org/node/1177 [Accessed 16 November 2013] Brown, Ian. 2013. Lawful Interception Capability Requirements. SCL.org. http://www.scl.org/site.aspx?i=ed32980 [Accessed 16 November 2013] Chen, Adrian. 2010. GCreep: Google Engineer Stalked Teens, Spied on Chats (Updated). Gawker. http://gawker.com/5637234/gcreep-google-engineer-stalked-teens-spied-on-chats [Accessed 16 November 2013] Davies, Simon. 2013. Cloud computing is a trap, warns GNU founder Richard Stallman. The Privacy Surgeon. http://www.privacysurgeon.org/blog/incision/swedens-data-protection-authority-bans-google-apps/ [Accessed 16 November 2013] Ion, Iula et al. 2011. Home is Safer than the Cloud! Privacy Concerns for Consumer Cloud Storage. Symposium on Usable Privacy and Security (SOUPS). http://cups.cs.cmu.edu/soups/2011/proceedings/a13_Sachdeva.pdf [Accessed 16 November 2013] Johnson, Bobbie. 2013. Cloud computing is a trap, warns GNU founder Richard Stallman. The Guardian. http://www.theguardian.com/technology/2008/sep/29/cloud.computing.richard.stallman [Accessed 16 November 2013] Judge, Peter. 2013. TechWeek Readers Abandon US Cloud Over Privacy. TechWeek Europe. http://www.techweekeurope.co.uk/news/techweek-readers-abandon-us-cloud-over-privacy-124729 [Accessed 16 November 2013] Necessary and Proportionate. 2013. International Principles on the Application of Human Rights to Communications Surveillance. Necessaryandproportionate.org. https://en.necessaryandproportionate.org/text [Accessed 16 November 2013] Schneier, Bruce. 2013. The US government has betrayed the internet. We need to take it back. The Guardian. http://www.theguardian.com/commentisfree/2013/sep/05/government-betrayed-internet-nsa-spying [Accessed 16 November 2013] Solove, Daniel. 2007. 'I've Got Nothing to Hide' and Other Misunderstandings of Privacy. San Diego Law Review 44. http://papers.ssrn.com/sol3/papers.cfm?abstract_id=998565 [Accessed 16 November 2013] Timberg, Craig. 2013. Google encrypts data amid backlash against NSA spying. The Washington Post. http://www.washingtonpost.com/business/technology/google-encrypts-data-amid-backlash-against-nsa-spying/2013/09/06/9acc3c20-1722-11e3-a2ec-b47e45e6f8ef_story.html [Accessed 16 November 2013] Warren, Samuel and Brandeis, Louis. 1890. The Right to Privacy. Harvard Law Review IV. http://groups.csail.mit.edu/mac/classes/6.805/articles/privacy/Privacy_brand_warr2.html [Accessed 16 November 2013] Read More