chevron-down Created with Sketch Beta.
August 27, 2013 Articles

PRISM Leaks Cannot Kill Cloud Computing

By Steven Bennett

Reports that the recent NSA PRISM leaks will somehow “kill the cloud,” or at least severely damage American participation in the world market for cloud computing services, grossly hyperbolize the realities of the situation. Although the leaks may have eroded public confidence in data security and privacy to some degree, the move toward cloud computing seems inexorable.

It is a poorly kept secret that nearly all governments spy on both their friends and their adversaries in the world community. Indeed, the UK Government Communications HQ “Tempora” system apparently parallels (and supplements) the U.S. PRISM system, and has done so for more than a dozen years. Tempora may actually ingest more data than PRISM. The “Five Eyes” electronic surveillance alliance (U.S., UK, Canada, Australia, and New Zealand) has operated since shortly after World War II. The USA PATRIOT Act, moreover, spawned an array of similar laws in many countries including Canada, Australia, South Africa, the UK, and (most recently) Germany. The NSA leaks could help place new limits on government intelligence programs, but they cannot prevent governments from “doing what they have to do” to protect their citizens.

 

&lt;p&gt;Given the necessities of a post-9/11 world of international   terrorism, feigning shock at the scope of the NSA interception program   strikes many as political posturing. European voters may not fully   understand the need for intelligence gathering, but their government   leaders do. Similarly, threats to suspend trade talks with the United   States seem hollow, given the realpolitik of world trade. Europe and   America need each other—as trading partners, and as allies for peace and   security. We may quarrel over the details, but dealmaking is in the   interest of all parties.&lt;/p&gt;<br>
&lt;p&gt;The economic and technical logic of cloud   computing, moreover, remains strong. Cloud computing offers businesses   reduced cost, as cloud services require little capital and maintenance   spending for users. The cloud provides increased storage capacity, and   it eliminates the need for periodic technology upgrades. Cloud services   can be acquired from multiple vendors, increasing flexibility and   lowering costs through competition. And cloud computing is uniquely   suited to mobile functions, the key to modern employee and customer   networks. Against these benefits, the risks to privacy and data security   have long seemed manageable burdens, not disqualifying flaws in cloud   computing. The NSA leaks may heighten concerns in this area, but the   thirst for cloud service cannot be quenched.&lt;/p&gt;<br>
&lt;p&gt;The notion that a   &amp;ldquo;European cloud&amp;rdquo; will somehow oust American dominance in the field also   ignores the facts. There is no assurance that Europe-only cloud   systems––such as the French &amp;ldquo;Sovereign Cloud&amp;rdquo;––can avoid surveillance by   either the NSA or by Europe&amp;rsquo;s own governments. Such a balkanized   system, moreover, could increase expense and technical burdens on users,   negating the essential benefits of cloud service. EU-wide agreement on   cloud security specifications has been a long time coming. Revisions to   the 1995 EU Data Protection Directive have been under debate for nearly   two years, with no agreed solution in sight. Attempts to include limits   on national security data gathering––traditionally, not a subject for   operation of the Directive––may only further mire the EU legislative   process.&lt;/p&gt;<br>
&lt;p&gt;The NSA leaks certainly will have consequences. The   revelations may foster development of new forms of cloud technology   aimed at restricting unwanted spying on users. Encryption systems, for   example, may give data users greater control over information stored in   cloud networks. By encrypting data at the source point, before it goes   to the cloud, the user may obtain greater assurance against government   interception. Such systems, moreover, may naturally enhance security   against other unwanted forms of hacking and organized criminal activity.   Users may also choose more carefully what information they send to the   cloud, and what they keep behind the firewalls of their individual   servers.&lt;/p&gt;<br>
&lt;p&gt;Political fallout from the leaks may be severe. The fate   of Edward Snowden––heroic whistleblower or traitorous   man-without-a-country––remains to be determined. Inquests by the   American Congress, the press, and various foreign governments no doubt   will proceed. But to paraphrase Mark Twain, reports of the death of   cloud computing have been greatly exaggerated.&lt;/p&gt;<br>
&lt;p&gt;&lt;strong&gt;Keywords: &lt;/strong&gt;woman advocate, litigation, cloud computing, PRISM, computer networks&lt;/p&gt;