Following revelations from the Guardian and Washington Post that the National Security Agency has backdoor access to major company servers, many have questioned their level of trust. It is now well known that PRISM participants include Apple, Google and Microsoft. So can we trust these service providers with our information stored in the cloud? I contend that we cannot.
Today Apple’s WWDC conference kicked off. Highlighted in the event were new and improved cloud computing capabilities on iOS. Apple also announced the addition of iWorks to the iCloud, which will function similar to an office suite on your iOS devices. Apple’s cloud based computing service can presently store everything from your credit cards, website logins, passwords and WiFi access points to various downloads, apps and music files. Now with improvements to iWorks, your pages, keynotes and documents can also exist in the cloud.
Its no question that in the era of smartphones and tablet computing across multiple devices, the option of cloud computing is very attractive. Presently, the average American likely owns at least two if not three devices with many different files on each. The ability to store your music on an iPhone and then have it in your iTunes library on your MacBook Pro without needing to manually upload is very convenient, and I frequently use and enjoy the feature.
But what is the cost of such a convenience? While I certainly appreciate the convenience of all my information stored on an encrypted Apple server within their ecosystem, I am a bit nervous of it in light of PRISM.
Apple to date maintains that it has not given the government backdoor access to its servers.
However, Apple cannot legally commit to knowledge of such a program. And The Guardian Story seems to contradict their claims.
President Barack Obama signed Executive Order 13526, which stipulates that even if classified information is revealed, it does not mean that such information is now declassified. PRISM is a Top Secret program, highly classified. Section 215 of the Patriot Act and measures in the FISA Act specifically bar a company from revealing the nature of a classified surveillance request, including PRISM.
So if I cannot trust Apple to not relay my information to warrantless government data requests, why should I trust my information in their iCloud servers, even if they are encrypted? I shouldn’t, and nor should you.
Unfortunately, as participants in the Apple ecosystem, or if on Android, the Android ecosystem, we do not have a choice but to use their cloud services. The phones and tablets we use all rely on cloud computing.
It is thus up to the companies themselves to better safeguard their users privacy. I contend that the only way to challenge these unjust laws is for the companies to not honor National Security Letters and NSA requests.
In the interim, we all must assume these companies are conspiring with the government to honor NSA information requests. We cannot continue to place our trust in companies that comply with unjust laws. And above all, as technology continues to advance at an unprecedented rate, we must continue to put pressure on these companies and our legislature to better understand and get serious about these privacy concerns.