SOPA, Megaupload, and the Cloud - Just How Secure is Your Data?

Brian St. Marie - Sr. Systems Engineer

If you've been watching the news this week, or browsing the web, you're sure to have heard about SOPA and PIPA, two internet regulation laws making their way through Congress.  Their ostensible purpose is to protect copyright holders from piracy, but many experts and corporations have raised strong concerns about SOPA and PIPA and how such laws could impact the internet as we use it today.  Objections to these proposed laws culminated on Wednesday the 18th, with several voluntary black-outs of popular internet sites such as Wikipedia, Wired, Boing Boing, and Reddit

While the strong protests and unification in the internet community appears to have stopped SOPA and PIPA in their tracks, it wasn't even 24 hours later that the US Government flexed its muscles and showed just how far it can go under current law to do what it claims is protecting copyright.  In an impressively coordinated effort, the US Justice Department, working with local jurisdictions throughout the world, shut down and confiscated $50 million in computer equipment used by the cloud operator MegauploadMegaupload, founded in 2005, was one of the earliest shared file hosting sites, allowing users to upload and store data and share that data with other users.  Much like Rapidshare, Dropbox, Amazon Cloud Drive and other file sharing services, Megaupload provided a way for people to easily transfer and backup their data on the internet.

The US Government claim is that Megaupload was being used to illegally transmit copyright material.  Of course, this argument can be made for any cloud storage service, as what is stored is entirely up to the user and cannot be individually verified by the provider.  Legal misgivings aside, the important question for us to ask as users is, what happens to my data if my cloud provider disappears?  In the case of Megaupload, which Terminal did subscribe to and use for transferring company data, it appears that our data is retrievably lost, with no warning and no recourse.

While the US Government may feel that it is acting in the best interest of its constituents, the looming issue now becomes whether we, as consumers, should be trusting our critical data to any cloud service provider.  Knowing that the government can and will act without warning to disable and destroy any cloud operator means that no matter how redundant or reliable you think your provider may be, your data could still vanish overnight, stuck in a government warehouse and effectively lost in the red tape of months of litigation.

This week marks a dark point in the rapid growth of cloud services.  It will be interesting to see how some of the largest cloud providers react to these events and even more interesting to see how users respond to the realization that their data is not so safe in the cloud after all.