| |
| META TOPICPARENT | name="FirstPaper" |
|---|
|
|
<
< | Locked in the Cloud |
>
> | Rise of the Cloud |
| | |
|
<
< | -- By JohnStewart - 22 Oct 2012 |
>
> | -- By JohnStewart |
| | |
|
>
> | Network remote storage based services have been steadily on the rise in recent years. Gmail, Dropbox, iCloud, Skydrive and many more have been collectively marketed as “cloud” based services whereby a 3rd party company hosts a variety of data files that had traditionally been stored on our personal storage solutions. In the past, one either purchased a larger hard drive for their computer or set-up a network attached storage device to access personal files. As broadband speeds (both landline and mobile) have increased so has the ability to more easily access files remotely. |
| | |
|
<
< | Rise of the Cloud |
>
> | In an effort to promote adoption of these remote storage solutions, and consequently encourage users to permit files to be stored on the companies’ storage, the services have been touted as a convenient way to store and access a user’s files across devices without the trouble of setting up a home server solution. As consumers embrace “the cloud” a careful examination of exactly what data, how that data is being stored and the company’s motivation for storing is essential to determine whether or not the supposed convenience is worth the privacy sacrifice. |
| | |
|
<
< | Cloud-based internet services such as Gmail, Dropbox and iCloud have been steadily on the rise in recent years. As consumers are increasingly willing to hand over sensitive private data to be stored by a 3rd party serious questions regarding user privacy are raised. Cloud services have been touted as a convenient way to store and access a user’s information across devices without the need to actively back up data. For the sake of convenience consumers have voluntarily surrendered their own privacy – a closer look at whether the trade-off is worth it is necessary. |
>
> | Motivation Matters |
| | |
|
<
< | Why are these three
commercial products, which are from a technical and privacy point of
view completely different, being conflated? Why is network remote
storage called "the cloud"? Wouldn't it be more sensible to use
specific terms that indicate technological arrangements rather than
nonspecific labels that don't disclose any functional information? |
>
> | Accessing data that resides on a remote hard drive via a network has long been the core function of the internet. More recently companies have found that offering remote storage services is a good business opportunity for a variety of reasons. A brief look at how these services vary, what data they capture, and what motivates the companies is important. |
| | |
|
<
< | When we are storing our data in other places, what data it is and how
we are storing it will be important to an understanding of the risks
and consequences. If you don't show sensitivity to the facts that
matter, you show yourself at a disadvantage. |
>
> | Google is at its core an advertising company, and as a result it is in the business of knowing as much as possible about everyone. The more information they have about an individual the better they can target ads and the more money they make from selling ads. Google’s product offerings present serious privacy concerns given the breadth of data they both actively collect (such as retaining search queries) and services they offer that place user data on their servers at the direction of the user (such as Gmail). |
| | |
|
<
< | The “Cloud” Isn’t New |
>
> | Gmail is the company’s most well-known offering and it is also the service that is likely to contain the most sensitive personal information (although arguably location data detailing where you are or places you frequently visit is equally, if not more “personal” than e-mails). One’s e-mail correspondence could range from the very personal – such as communications with loved ones or sensitive work-related information – to benign advertising spam. In both cases your email resides on Google’s servers and while their current privacy policy explains that humans aren’t reading your email they are scanned to better target ads displayed alongside your emails. |
| | |
|
<
< | Cloud services are often touted as new and cutting edge services. Larry Ellison has long criticized the concept of the cloud arguing that the hype is simply much ado about nothing – that is cloud computing isn’t actually new. Businesses and consumers have long relied upon computing services that utilize centralized computing resources, such as a server, and access the data stored on it or that utilize the computing power remotely. The fundamental difference is that now companies like Google, Apple and Amazon, in an effort to promote their products, have championed many new web-based products as “cloud” services. |
>
> | The breadth of Google’s other service offerings also make them unique. Their “cloud” offerings such as Google drive place more of your files on Google’s servers, but Google’s ability to paint a complete picture of user activity truly begins to become worrisome when all of this data is tied to a single user. If you use an android phone and Google’s Chrome web browser, have enabled location services, allowed Google to retain your search queries sent from your phone and browser and signed in to all of these things with your Google log-in then all of this data is tied to you, a single user. All of a sudden Google likely knows more about you, your e-mails, your contacts, where you have been, what you search for and when (and can serve much better ads) than probably any single person in your life – this is a very good reason to think twice about using Google’s services, or at least embracing all of them simultaneously. |
| | |
|
<
< | There has been a shift in recent years towards increased concentration of user data in the hands of a few corporations. Users have migrated towards these services giving companies more and more data they are looking to turn into revenue. Amidst marketing hype and buzz around “cloud” services, often offered for free, consumers should take a step back and examine the real value proposition. |
>
> | In contrast, Apple’s revenues are derived from selling consumer products at a premium price (with a mark-up any company would be envious of). Their iCloud service offer syncing functionality as well as network remote storage services for contacts, calendars, photos, music, books and apps. The service is meant to enhance the value and usability of their core product offerings – namely their laptops, ipods, ipads and iphones – and promote a cohesive product ecosystem. That they are driven by a desire to sell more products rather than sell more ads is a fundamental distinction that is important to keep in mind when deciding whether or not to adopt these services. The decision to place your contacts, family and otherwise private photos and e-mail on their servers should give you pause – but there is at least some solace in knowing Apple’s primary motivation is to make your iphone/macbook pro function better together and not to simply know as much about you as possible. |
| | |
|
<
< | Examining the Value Proposition |
>
> | The Lesser of two Evils |
| | |
|
<
< | Free isn’t Free |
>
> | At best, the motivations of Google and Apple only help to predict the direction these companies may move in the future with respect to handling your data and what plans they may have for how to use it. However, this is an important consideration and recent developments are illustrative of why motivation matters. When Google changed its terms of service to allow it to track users across its services despite the brief uproar it wasn’t very surprising. This move allows them to better target ads. This also helps explain why Google continues to make as many of its products like Google maps and Google now available on the iOS ecosystem as possible – to capture more user data. |
| | |
|
<
< | The services and products consumers have embraced over recent years such as Gmail, Google Maps and iPhone are also those that pose the greatest threat to user privacy. Gmail is “paid” for by serving highly targeted ads to users after scanning their e-mail. Google Maps poses its own set of privacy issues, especially when accessed via a mobile device. The app is constantly tracking a phone, and thus the user. The tracking allows services like the traffic layer in Google Maps to function (by tracking the relative speeds of phones in the cars on the road) but it also hands over more intimate data – your every location – to a single company than a user likely has to anyone in their lives. Coupled with the fact that Google has been caught in the past collecting vast amounts of data over unencrypted wifi networks, and suddenly the benevolent services like free Gmail and Google Maps do not seem like such a good bargain. |
>
> | When Apple makes the news it’s more likely to be over a security breach rather user privacy concerns. (That isn’t to say they aren’t criticized for privacy issues) But the fact is that a company built on a business model that depends on collecting and using more of your data and information, compared to one that sells devices and wants to make them work more smoothly together, raises more privacy concerns. |
| | |
|
<
< | In the realm of mobile operating systems a fault line has developed between the more open Android OS and the closed ecosystem of iOS by Apple. As an open source product Android does offer more flexibility than iOS, however that does not change the privacy issues that Google has shown we should be worried about. The closed nature of iOS is illustrative of another problem of movement to the cloud. |
>
> | The bottom line is, in a perfect world our data wouldn't be handed over to 3rd parties. However, given people’s penchant for usability and simplicity the fact is, we do. As long as we continue to use these services it is important to keep in mind what data we’re handing over and how the 3rd party is likely going to use that data now and in the future. Apple is by no means a saint but given the trajectory of the two companies I’d be more willing to ditch Gmail and use an iphone and the attendant Apple services right now than embrace all of Google’s offerings. |
| | |
|
<
< | Only once "the cloud"
has become so general a term that it has fuzzed up even issues of
free and unfree software. Android is partially free software; it
would also help (if this is really part of your story at all, which
is uncertain, because the analytic connection is unclear) to explain
how mobile software lockdown actually works. |
>
> | ***There is also a very real consideration of how much of a fight the companies put up when governments ask for data but that isn’t the focus here. |
| | |
|
<
< | Loss of Control |
| | |
|
<
< | When consumers utilize cloud services they are opening themselves up to serious privacy threats and they are also at the mercy of the companies when it comes to control. For example when Amazon discovered “Animal Farm” was offered through their online store by a company that did not have the rights to the book, Amazon removed the book from consumer’s devices remotely. This is indicative of the larger problem that users face when they are locked into a company’s eco-system or otherwise choose to rely on a 3rd party to store their data or content. |
>
> | - John Stewart |
| | |
|
<
< | Hollywood and other media distributors have pushed the concept of a digital locker in the past. Again, while the product or service may seem to offer increased convenience to the consumer in increased ease of access across devices or locations, the ultimate aim of the companies is to regain control of their content by setting limits on the number devices that can be authorized to playback the content, or set limits on the length of time a user can retain the content. The degree of this control has ebbed in certain respects. iTunes dropped digital rights management from songs offered via it’s platform in 2009, but this represents a small victory.
Apple exercises tight control over app approval as well hardware. The result is that an Apple consumer is often at the whim of Apple’s decisions over what is and is not an acceptable or desirable app. However this misses the forest for the trees. A significant segment of the country uses internet products that can be described as the “cloud” – namely an iPhone or a Google product such as Gmail. These products represent a significant threat to user privacy and remove control from the hands of the user in a far more fundamental way than an inability to install non-appstore apps.
These aren't "cloud" issues at all, again: they're issues about lockdown of client hardware and software. By being technically vague, you impede any actual discussion of remedies, technical or regulatory.
Flight from the Cloud
Pushing for a new normal in consumer internet services does not have to be painful. Convenience is likely a major impediment to transitioning users away from products that represent a threat to their privacy – however if users were truly informed about the hidden sacrifices of user privacy and control a transition might be more likely.
There are glimmers of hope that users do care. In the past when Google has changed its privacy policies to allow it to combine and share data from across its products people voiced their opposition. While Google did ultimately proceed with the change the more the public becomes aware of the implications of using these services the less enthusiastic we will hopefully be to embrace the cloud or the next hyped product.
A transition will not happen overnight. Indeed the move to the cloud is a step in the wrong direction. However by making users more aware of the privacy and control that has already been ceded we hopefully are better prepared to take them back in the future.
You seem to think that we should reject "the cloud." But you don't
discuss the technology enough to show either why or whether we can.
You might have made things much simpler by talking about remote
network storage, when to use it and when to be reluctant or
unwilling. You might have explained that using a file storage
intermediary for encrypted data is not like receiving all your
(unencrypted) email chez some data miner. You might have explained
the difference between network remote storage and utility computing.
You might have described how "the cloud" could allow you to store all
your personal data under your bed, while still making it available,
under your control, to precisely whom you want to have it, when and
how, in real time, all over the world. The opportunity to make sense
of the technical changes going on is still open: the route to the
best possible revision is to learn enough about the technology to
give someone else shrewd and effective advice about how to attain the
privacy you and she both want.
You are entitled to restrict access to your paper if you want to. But we all derive immense benefit from reading one another's work, and I hope you won't feel the need unless the subject matter is personal and its disclosure would be harmful or undesirable.
To restrict access to your paper simply delete the "#" character on the next two lines: |
| | |
|
<
< | Note: TWiki has strict formatting rules for preference declarations. Make sure you preserve the three spaces, asterisk, and extra space at the beginning of these lines. If you wish to give access to any other users simply add them to the comma separated ALLOWTOPICVIEW list. |
| | \ No newline at end of file |