The unsustainable unreliability of the Cloud

This is a text automatically translated from Italian. If you appreciate our work and if you like reading it in your language, consider a donation to allow us to continue doing it and improving it.

The articles of Cassandra Crossing I'm under license CC BY-SA 4.0 | Cassandra Crossing is a column created by Marco Calamari with the "nom de plume" of Cassandra, born in 2005.

After having proposed it again The unbearable unreliability of the bit And The (im)mortal unreliability of bits Here you are The unsustainable unreliability of the Cloud, in our opinion a decidedly current article.

This article was written on April 4, 2014 from Cassandra

Cassandra Crossing 315/ The unsustainable unreliability of the Cloud

More and more companies, institutions and public administrations are turning to solutions that operate on the cloud. But if the data is exposed to technocontrol, who is willing to trust it?

The victims and beneficiaries of the Datagate scandal have been talked about more than enough in the media: the news is now too exploited, even if there is still much left to be written and understood.

However, no one would have taken into account heavy repercussions for an entire commercial sector in tumultuous growth: the providers of Cloud and SaaS services, i.e. those who make virtualized IT resources available and reachable over a geographic network (server, CPU, disk space, etc.) or even entire software services, from a database to an entire CRM application.

For companies it means outsourcing the majority of IT services in one fell swoop, and often to a single supplier, with one eye on budget savings and the other on the ever-welcome head cuts in internal IT services.

Even Public Administrations and their suppliers were starting to move towards the Cloud, which promised not only cost savings and gains in flexibility, but also a splash of modernity that their IT services have always needed.

The long wave of Datagate, like an unexpected tsunami, hit them too.

Which company with real intellectual property, including trade secrets and research & development, will ever entrust its data and its future to IT companies that have been legally and secretly forced to provide all of their customers' information to third parties? What if this information had been the archives of a new product or the emails of very important industrial or legal negotiations in progress?

It would not be the first time (Echelon docet) that data intercepted for national security purposes are magically transformed into a competitive advantage for companies in the intercepting nation.

Which PA can lend legal guarantees on the processing of data placed in the Cloud, given that the counterparties are obliged to violate them and maintain secrecy?

Of course, formally the Public Administrations can still consider them valid, but in the future they could be accused of substantial violations, because they are known and obvious, of their privacy and confidentiality duties.

At the end, the data of the Public Administrations and the even more confidential data of the State blur into each other: given that national security can be managed with commercial choices, the Cloud really seems to be the last choice to be taken into consideration.

A considerable chaos has therefore been created in the offers of Cloud service providers: there have been those who have relocated physical servers to Europe to guarantee a safe harbor towards the United States, those who have offered more robust cryptographic solutions in terms of architecture (typically end-to-end to-end), who finally limited themselves to inserting new non-liability clauses into existing contracts, and making them accepted by their customers.

Only time will tell if this wave will turn out to be a storm in a teacup and everything will go back to the way it was before, or if the technological, contractual and legal security and privacy of Cloud services will change, perhaps improve.

Marco Calamari

Join communities