What I don't really get here, is how is storing data in a cloud service any different, from the legal perspective, from a safety deposit box at a bank or a storage locker in a public storage location?
The paradigm seems very similar - I go to a service provider, pay them money to give me certain amount of private space, put my stuff there, lock it with a key and go on my merry way. When I want to get my stuff out, I go to the location, unlock, get the stuff, re-lock and go.
US laws seem to have very strong protection against someone going and taking my stuff from there. Even if the bank or the storage place go bankrupt, I'm fairly sure no one is legally entitled to go through the stuff that is being stored.
Further, if one of the bank's or storage place customers happens to store something illegal, law enforcement typically needs a warrant to seize it. However, in no way are they entitled to take or destroy property of others, not relating to the warrant.
The ONLY meaningful difference seems to be that they can't easily just access the "storage box" associated with the warrant, and servers are much more portable, so they feel entitled to just take the entire thing. I guess that if your bank had no way of opening the lockbox, law enforcement might feel entitled to take the entire vault...
It's important to see that there isn't just one legal perspective. The law tends to be incredibly malleable, so in many areas (especially newly developing areas of law) you'll see actors espousing theories based on what they want you to see. Think of it like a Rubin vase (http://en.wikipedia.org/wiki/Rubin_vase).
Here, it's not surprising that the government wants to take a position that gives them greater power to snoop around in files you store in the cloud.
It's perfectly reasonable to look at your data in the cloud like a safety deposit box. But alas, government tends to follow a path that gives them greater control and not less. This is just another instance of that tendency.
Because with most websites when you agree to the terms and conditions you also agree to hand over all rights to that content to the service provider.
That means that the US government only needs the approval of the service provider (via warrant or subpoena) or no approval when they sieze that provider.
Most websites function as content distributors, so for them to be able to serve your content to anyone who asks for it, you need to give them the legal right to do so.
The difference from the storage locker or safe deposit box example above is that for those services, you hold the key. You are not putting your stuff in those places so that any passerby can rummage through it.
Websites/services that provide more limited distribution services, e.g. dropbox, or anything where you need to grant permission to individuals, are a bit closer but still not really the same as the safe deposit box example. You should be sure that the rights you are granting by agreeing to the terms of service are more limited.
For cloud storage where you really want to limit access to the content to yourself only, you need to be sure that not even the provider can access it. I.e. encrypt it before it leaves your machine.
Good point. There are services that specifically provide for encryption and import, requiring a private key that only the user of the info has. Of course, the encryption can be cracked with time.
However, my main concern is not so with no one reading the data, but with data being taken and not returned.
nikcub raises an important issue - one must consider the contract between the end customer and the service provider. The analysis doesn't end here though.
There is a lot of additional complexity -- not only are there other contracts in play (e.g. contract between Megaupload and Carpathia and any other contract between Goodwin and any other 3rd party impacting the data), but also the issue of whether and how the court will enforce those agreement.
The government's ability to access the data changes depending on how these agreements are interpreted/enforced.
If you want to get really pedantic, there is also the question of whether the court is appropriately exercising jurisdiction and therefore has the authority to make and enforce such a ruling.
> Because with most websites when you agree to the terms and conditions you also agree to hand over all rights to that content to the service provider.
Rarely true anymore. Most sites that accept user-generated content explicitly state that the users retain ownership rights, but grant the site operators a broad license to republish that content.
But that doesn't matter because the government does not need anyone's approval if they have a warrant or subpoena. Compliance is not optional and supersedes IP protections.
The US government has taken upon itself the power to go thru safety deposit boxes at any time, for any reason, in recent years. They say it's necessary to "fight terrorism" and "money laundering" (which is a "crime" whose definition is so flexible that you can get a conviction of anyone for it.)
Don't confuse what the constitution says with what the current "legal perspective" is. Under the constitution, most of the government is illegal.
Since the US Federal government doesn't follow the law, there's pretty much no limit to what they can do.
Hell, in the megaupload case they violated the laws of New Zealand and the USA, and still are not giving people the illegally seized data back.
They say it's necessary to "fight terrorism" and "money laundering"
I'm not familiar with this. Do you have links to where this is said, or articles about this abuse? I searched a bit and came up with some similar things that were debunked (http://www.snopes.com/politics/business/safedeposit.asp) but nothing about this specifically. Thanks!
Except judges are so easily swayed by sealed evidence about national security. And national security has been arbitrarily stretched to encompass all manner of things. They'll definitely try and make a case about terrorism and drug cartels affecting national security.
Court rulings can violate the law. Wickard v Filburn is a perfect example. Everyone can read Article 1 Section 8 and know that personal property does not fall under "interstate commerce." That doesn't stop the Supreme Court from ruling that way.
In the same vein, we've now reached a point where the Supreme Court's decisions are increasingly (if not all) unconstitutional.
The problem is that there's no 3rd party to settle a dispute with the government. If you and the government have a disagreement, the government decides who's right.
If the Supreme Court ruled the sky was red, the sky would still be blue.
The paradigm seems very similar - I go to a service provider, pay them money to give me certain amount of private space, put my stuff there, lock it with a key and go on my merry way. When I want to get my stuff out, I go to the location, unlock, get the stuff, re-lock and go.
US laws seem to have very strong protection against someone going and taking my stuff from there. Even if the bank or the storage place go bankrupt, I'm fairly sure no one is legally entitled to go through the stuff that is being stored.
Further, if one of the bank's or storage place customers happens to store something illegal, law enforcement typically needs a warrant to seize it. However, in no way are they entitled to take or destroy property of others, not relating to the warrant.
The ONLY meaningful difference seems to be that they can't easily just access the "storage box" associated with the warrant, and servers are much more portable, so they feel entitled to just take the entire thing. I guess that if your bank had no way of opening the lockbox, law enforcement might feel entitled to take the entire vault...