|
View unanswered posts | View active topics
It is currently Thu Aug 21, 2025 3:28 pm
|
Page 1 of 1
|
[ 15 posts ] |
|
U.S. Authorities Can Access Non-Citizen iCloud Data
| Author |
Message |
|
Amnesia10
Legend
Joined: Fri Apr 24, 2009 2:02 am
Posts: 29240
Location: Guantanamo Bay (thanks bobbdobbs)
|
 U.S. Authorities Can Access Non-Citizen iCloud Data Without A Warrant. | | | | Quote: The Foreign Intelligence Surveillance Act (FISA) allows the U.S. government open access to electronic information stored by non-US citizens on US-based servers, like a host of cloud services available today. iCloud, Google Drive, Dropbox, and other popular services are all subject to this law, passed in 2008 by the Bush administration and recently re-authorized by the Obama administration for another 5 years.
What this means is that any data stored by non-American citizens on cloud servers here in the US is able to be looked at in entirety by various agencies in the US federal government, including the NSA, FBI, and CIA.
Caspar Bowden, Chief Privacy Adviser to Microsoft Europe for nine years until 2011, told UK-based The Independent: “What this legislation means is that the US has been able to mine any foreign data in US Clouds since 2008, and nobody noticed.”
Several posts, like this one at the Huffington Post, written around the time of the re-authorization of the FISA mention email and overseas phone calls, but do not take notice of cloud-based data.
Sophie in ‘t Veld, a Dutch MEP who serves as vice chair of the European Parliament’s civil liberties committee, told The Independent, “Let’s turn this around and imagine this is not the United States having unlimited access to our data but the government of Mr Putin or the Chinese government – would we still wonder if it’s an urgent issue? Nobody would ask that question.”
While we may imagine that the US won’t use the data for anything nefarious, we just may be too naive. Even worse, however, is the precedent this sets for countries to gather data on non-citizens via commercial services that may in the future be housed in a location other than our country of origin. | | | | |
_________________Do concentrate, 007... "You are gifted. Mine is bordering on seven seconds." https://www.dropbox.com/referrals/NTg5MzczNTkhttp://astore.amazon.co.uk/wwwx404couk-21
|
| Wed Jan 30, 2013 8:37 pm |
|
|
|
big_D
What's a life?
Joined: Thu Apr 23, 2009 8:25 pm
Posts: 10691
Location: Bramsche
|
The Patriot Act allowed that anyway. That was one of the biggest problems with cloud services over the last 4 or 5 years, the US Government could get hold of any data held by any company that had an office in the USA - the server didn't have to be in the USA.
In Europe, you cannot give personally identifiable data (names, addresses etc.) to third parties without getting the written permission of the person whose data is being handed over.
With the Patriot Act and the Cloud Service, the Cloud Service has to hand over the data, without telling you (they are legally NOT allowed to inform you, that they have just opened you up to prosecution in the EU)!
_________________
"Do you know what this is? Hmm? No, I can see you do not. You have that vacant look in your eyes, which says hold my head to your ear, you will hear the sea!" - Londo Molari
Executive Producer No Agenda Show 246
|
| Thu Jan 31, 2013 5:12 am |
|
|
|
jonbwfc
What's a life?
Joined: Thu Apr 23, 2009 7:26 pm
Posts: 17040
|
You're also breaking the law if you allow personal data to be stored anywhere outside the EU. So putting that kind of data in cloud services hosted in the US is illegal anyway. The main cloud service companies all claim 'safe harbour' contracts that protect any data they store from the likes of the Patriot Act but a) that system has never been tested in court and b)It doesn't matter where the data is stored if the sysadmin is sat in Seattle (or Cupertino) with an FBI agent sat next to him with a Patriot Act warrant the sysadmin could go to jail indefinitely for ignoring. They're going to hand the data over and there's nothing anyone can do to stop it. Sadly, there are few cloud services who can or do host data in the EU. I'm sure it would be a selling point for someone, but few seem to have cottoned on to it yet.
|
| Thu Jan 31, 2013 7:58 am |
|
|
|
belchingmatt
I haven't seen my friends in so long
Joined: Fri May 15, 2009 3:16 am
Posts: 6146
Location: Middle Earth
|
Mega.co.nz has German servers.
_________________
Dive like a fish, drink like a fish!
><(((º>`•.¸¸.•´¯`•.¸><(((º>
•.¸¸.•´¯`•.¸><(((º>`•.¸¸.•´¯`•.¸><(((º>
If one is diving so close to the limits that +/- 1% will make a difference then the error has already been made.
|
| Thu Jan 31, 2013 8:33 am |
|
|
|
Amnesia10
Legend
Joined: Fri Apr 24, 2009 2:02 am
Posts: 29240
Location: Guantanamo Bay (thanks bobbdobbs)
|
Yes but what incriminating data is stored in the cloud? Most of what I have on the cloud apart from my address book are synced data that includes what TV shows I have watched, my weight and fat percentage, my to do lists, my electricity meter readings and my encrypted passwords. I can imagine that for companies that this could be a serious problem.
_________________Do concentrate, 007... "You are gifted. Mine is bordering on seven seconds." https://www.dropbox.com/referrals/NTg5MzczNTkhttp://astore.amazon.co.uk/wwwx404couk-21
|
| Thu Jan 31, 2013 12:50 pm |
|
|
|
JJW009
I haven't seen my friends in so long
Joined: Thu Apr 23, 2009 6:58 pm
Posts: 8767
Location: behind the sofa
|
Like Amnesia, I'm not too concerned about the US government reading my emails and looking at my holiday photos. I don't expect them to steal my identity, although of they could with the information available to them. I naively trust that no one working for them will do this.
However, as Big_D says, it makes it illegal for European businesses to use many services. For example, we use Microsoft 365 for email. Lots of other companies use either MS or Google too, because they offer a great service really not equalled by anyone else. We're all technically breaking the law...
_________________jonbwfc's law: "In any forum thread someone will, no matter what the subject, mention Firefly." When you're feeling too silly for x404, youRwired.net
|
| Thu Jan 31, 2013 1:02 pm |
|
|
|
jonbwfc
What's a life?
Joined: Thu Apr 23, 2009 7:26 pm
Posts: 17040
|
MS and Google are two who use the 'safe harbour' getout. As far as I know, it's never been tested in court if that's actually good enough to comply with the EU data protection directives. MS and Google say it is, and their lawyers may believe so but we won't know for certain until its tested. Thats probably only going to happen when there's a serious breach of some sort and someone gets prosecuted and uses it as a defense. In terms of your own personal data that gets lost it's their fault and they take the hit (see the recent UK judgement and fine of Sony for the PSN breach) but if you're a company and you're storing other people's data in the cloud and it gets breached it's you that takes it in the neck. You're considered the 'data custodian' in law, even if you've handed off the storage of the 1s and 0s to somebody else.
|
| Thu Jan 31, 2013 1:31 pm |
|
|
|
Amnesia10
Legend
Joined: Fri Apr 24, 2009 2:02 am
Posts: 29240
Location: Guantanamo Bay (thanks bobbdobbs)
|
I do think that the cloud providers could find that they have legal problems if they were to give company data to the US authorities but how would they know? _________________Do concentrate, 007... "You are gifted. Mine is bordering on seven seconds." https://www.dropbox.com/referrals/NTg5MzczNTkhttp://astore.amazon.co.uk/wwwx404couk-21
|
| Thu Jan 31, 2013 1:42 pm |
|
|
|
JJW009
I haven't seen my friends in so long
Joined: Thu Apr 23, 2009 6:58 pm
Posts: 8767
Location: behind the sofa
|
How would we ever know... Unless of course they read the email from PayPal confirming my sale of nuclear weapons to Cuba, in which case I might expect a strongly worded letter from them! _________________jonbwfc's law: "In any forum thread someone will, no matter what the subject, mention Firefly." When you're feeling too silly for x404, youRwired.net
|
| Thu Jan 31, 2013 1:47 pm |
|
|
|
jonbwfc
What's a life?
Joined: Thu Apr 23, 2009 7:26 pm
Posts: 17040
|
Same way as usual, we'll only find out when something goes badly wrong...
|
| Thu Jan 31, 2013 2:08 pm |
|
|
|
Amnesia10
Legend
Joined: Fri Apr 24, 2009 2:02 am
Posts: 29240
Location: Guantanamo Bay (thanks bobbdobbs)
|
Which would probably be very bad. _________________Do concentrate, 007... "You are gifted. Mine is bordering on seven seconds." https://www.dropbox.com/referrals/NTg5MzczNTkhttp://astore.amazon.co.uk/wwwx404couk-21
|
| Thu Jan 31, 2013 5:38 pm |
|
|
|
big_D
What's a life?
Joined: Thu Apr 23, 2009 8:25 pm
Posts: 10691
Location: Bramsche
|
It isn't necessarily "you" that needs to find out. If they arrest somebody and it comes out that they got the information from the data you stored in the cloud, they can sue you for not getting their permission to hand it over to the authorities. Actually, Microsoft and Google have specifically said, that if they are faced with a Patriot Act request, they will hand over the data. That was in PC Pro and on ZDNet as well, not sure if that was summer 2012 or in 2011. Even if they store the data on servers in Europe, if they have an office in America, they have to comply with the request and hand over the data on the European servers.
_________________
"Do you know what this is? Hmm? No, I can see you do not. You have that vacant look in your eyes, which says hold my head to your ear, you will hear the sea!" - Londo Molari
Executive Producer No Agenda Show 246
|
| Fri Feb 01, 2013 5:09 am |
|
|
|
Amnesia10
Legend
Joined: Fri Apr 24, 2009 2:02 am
Posts: 29240
Location: Guantanamo Bay (thanks bobbdobbs)
|
For most of us (bratty excluded) I think that the chances of any of us being a Patriot act or FISA request are pretty slim. Though some of us could inadvertently become persons of interest simply because of a photo posted on Facebook, G Mail, Twitter, Instagram or a comment that triggers further searches, or because we are associates of associates of someone of interest and they are checking all the degrees of connection. Though with the money spent by the NSA over the last few years they may simply want to find all the connections between any two people simply because they will soon have the capability to do so. _________________Do concentrate, 007... "You are gifted. Mine is bordering on seven seconds." https://www.dropbox.com/referrals/NTg5MzczNTkhttp://astore.amazon.co.uk/wwwx404couk-21
|
| Fri Feb 01, 2013 7:02 am |
|
|
|
big_D
What's a life?
Joined: Thu Apr 23, 2009 8:25 pm
Posts: 10691
Location: Bramsche
|
For individuals, it isn't so much of a problem, for businesses though it can be a nightmare.
That said, if you have my phone number on iCloud and I find out that Apple gave your iCloud data to the Feds, I can sue you for releasing my number without my permission.
I can't sue Apple, because they were following American law. Apple are legally not allowed to inform you that they have handed over your data. which means you don't even know you have been opened up to prosecution, until you receive a writ.
_________________
"Do you know what this is? Hmm? No, I can see you do not. You have that vacant look in your eyes, which says hold my head to your ear, you will hear the sea!" - Londo Molari
Executive Producer No Agenda Show 246
|
| Sat Feb 02, 2013 12:42 pm |
|
|
|
Amnesia10
Legend
Joined: Fri Apr 24, 2009 2:02 am
Posts: 29240
Location: Guantanamo Bay (thanks bobbdobbs)
|
I await my writ.  _________________Do concentrate, 007... "You are gifted. Mine is bordering on seven seconds." https://www.dropbox.com/referrals/NTg5MzczNTkhttp://astore.amazon.co.uk/wwwx404couk-21
|
| Sat Feb 02, 2013 3:44 pm |
|
|
|
|
Page 1 of 1
|
[ 15 posts ] |
|
Who is online |
Users browsing this forum: No registered users and 11 guests |
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
|
|
