Tag Archives: personal information

Data Nationalization: Drawing Borders in the Cloud

Photo of clouds forming map of the world.Moscow, Russia city government last week announced that they will move 6,000 government computers off of Microsoft Outlook to a Russian-produced application called MyOffice Mail. If successful, they will move 600,000 more systems next year. Cost savings is cited as one reason for the migration but nationalism is also a big factor. In an interview, Communications Minister Nikolay Nikiforov told reporters “We want the money of taxpayers and state-run firms to be primarily spent on local software.” The Russian prime minister has called for a migration away from foreign software out of security concerns over tensions with the west. Russia is not the only nation and Moscow is not the only city to move in this direction.

The internet was meant to be global but from recent announcements and actions it appears we are drawing borders in the cloud. This post is an update to a 2014 post highlighting the beginning of this movement. From recent developments it appears the trend is accelerating.

LiMux—The IT Revolution

Munich also moved to a proprietary platform in October 2013 when they finished the rollout of LiMux, a version of Ubuntu Linux. The almost decade long migration off of older Microsoft systems and applications was marked by the rallying cry “The IT Revolution.” That migration was about cost containment and control. They felt that they could not regulate the pace of required operating system and application updates. The jury is still out on whether this move delivered the intended benefits for the city or whether it has created a bigger headache for the technology department as they deal with compatibility issues. This is an example of reigning in control of technology and storage as traditional vendors move to cloud based systems such as Office 365.

 Legal Boundaries

Russia’s data nationalization law requires all personal data about citizens be stored and processed on servers inside Russia. The routing of such data is a point not completely worked out yet. That may be much harder to keep within the borders. Australia has a similar law specifically covering electronic health records of citizens and their storage and transport.

In a 2015 paper published in the Emory Law Journal, the authors highlight a number of countries that implemented regulations to restrict the storage and movement of data inside and outside of borders. Some of these were a reaction to the 2013 NSA surveillance revelations concerning data collection on countries and heads of state. Countries are moving to protect their citizens by regulating at least their portion of the cloud. This will most likely escalate and present difficulties for internet companies large and small.

Thoughts

My objective in this post is to speculate on the future of the cloud. We already have a private cloud and public cloud and now a hybrid cloud. Will these be followed by a Russian cloud, and a Chinese cloud and a U.S. cloud? Will that hamper the open nature of the internet or will it simply serve to provide information security for each nation, state, or municipality just as physical borders provide personal safety? Let me know your thoughts.

Author Kelly BrownAbout Kelly Brown

Kelly Brown is an IT professional and assistant professor of practice for the UO Applied Information Management Master’s Degree Program. He writes about IT and business topics that keep him up at night.

Whose Information Is It Anyway?

In a January 7 Wired magazine article titled “How the NSA Almost Killed the Internet”, the author detailed the Edward Snowden leaks, the US National Security Agency (NSA) revelation of widespread information collection, and the indignant outcry from tech companies. The fact remains, however, that there is a trove of personal information that is scanned and analyzed by governments, private companies, and even those with less than honorable intentions. The NSA claims to do it in the name of national security, private companies claim to help make your life better by predicting what information or product you will need next, and the thieves are just in it for themselves. Nevertheless, it comes down to the fact that it is your information, and the question is—how is it that so many people have access to it?

National Security

In the summer of 2013, former NSA IT consultant Edward Snowden revealed documents that showed widespread data collection by the NSA. He did this, of course, after he was safely out of the country and away from potential prosecution. The documents revealed programs designed to collect information from cell phone metadata and also personal information from Internet records kept by companies such as Google, Facebook, LinkedIn, Twitter, and Yahoo. Some of it was done through secret court orders and some without the knowledge of the companies just mentioned—all in the name of national security for the purpose of rooting out potential terrorism. The question still remains, however, how and why do these companies have your potential information and for what purpose?

Call For Reform

In a December 9, 2013 open letter to Washington, eight tech companies called for reforms on how information is collected and for more transparency in the collection methods. A couple of things strike me as odd about this proclamation. First of all, transparency has never been a hallmark of spy agencies and it seems ridiculous to even suggest that new reality. Second, the companies that collect personal information are now objecting to someone gathering that data from them?

It All Begins With Me

I have no doubt that the NSA and similar agencies have thwarted potential terrorist attacks by analyzing and acting on the data they collect. I believe that some of the methods are suspect but those agencies believe that they are making the world a safer place. Tech companies that provide social media, communications, and search capabilities also believe that they offer a service by drawing inferences from your personal information and steering you toward goods and services that you may like. Most of all, I believe that responsibility for my own information and my own comfort level in sharing that information lies with me. I am as guilty as anyone when it comes to clicking “I Agree” on that End User Agreement without reading the fourteen screens of fine print. I can’t guarantee that I understand the security policy and opt-out agreements of all of the applications that I use, but I am aware of the options I have and which information is being collected. In a sense, the Internet is still the Wild West and we are still trying to grasp the potential and complexity of it all. The first step in understanding is awareness and education. That is our responsibility.

Thoughts

Have you got it all figured out? Do you know the best methods for keeping you and your personal information safe? If so, I would love to hear from you. If not, we can always learn together.

Author Kelly BrownAbout Kelly Brown

Kelly Brown is an IT professional, adjunct faculty for the University of Oregon, and academic director of the UO Applied Information Management Master’s Degree Program. He writes about IT and business topics that keep him up at night.