[LINK] Cloud computing and privacy

[Roger Clarke]

At 19:06 +1100 25/2/09, Jan Whitaker wrote:
>Does Cloud Computing Mean More Risks to Privacy?
>http://bits.blogs.nytimes.com/2009/02/23/does-cloud-computing-mean-more-risks-to-privacy/
>But one recommendation seems to stand out as the most prudent: 
>“Don’t put anything in the cloud you wouldn’t want a competitor, 
>your government or another government to see.”

That's ambiguous.  (Credit where it's due - maybe intentionally so).

Some refinement could make it clearer, and a very useful statement.

We can't write off crypto altogether.

(Okay, that's said by someone who spent some years demolishing 
digital signatures.  But the issue was the practicality question not 
the maths.  Crypto protections are easier than actually creating 
public key infrastructure, and providing a basis for bit-based trust 
of another party).

So ... 'Don't put anything in the cloud **whose content** you 
wouldn't want [a spouse / lover / employer], a competitor, your 
government or another government to see'

I don't mind someone seeing the bit-strings that represent my 
innermost secrets and most embarrassing medical conditions.

Provided that I have a great deal of confidence that the CIA / Mafia 
would have to focus a great deal of their computing resource on 
little increasingly old me in order to crack the key and be able to 
see what the bit-strings meant.


-- 
Roger Clarke                                 http://www.rogerclarke.com/

Xamax Consultancy Pty Ltd      78 Sidaway St, Chapman ACT 2611 AUSTRALIA
                    Tel: +61 2 6288 1472, and 6288 6916
mailto:Roger.Clarke at xamax.com.au                http://www.xamax.com.au/

Visiting Professor in Info Science & Eng  Australian National University
Visiting Professor in the eCommerce Program      University of Hong Kong
Visiting Professor in the Cyberspace Law & Policy Centre      Uni of NSW