0

If access to a cloud server instance that stores personal/important information is lost or removed by the provider, is my data protected? Can the provider access my data and copy it, distribute, or claim ownership?

I'm horrified by the internet version of Storage Wars, where the contents of the "storage unit" is auctioned off to the biggest bidder if rent is unpaid. What are the laws that apply here? Who/What validates/guarantees that the providers follow the rules?

Improve this question
4
  • 1
    That's like 3 different questions in one, this will make answers feel incomplete. IMHO, I don't think you can protect data without some form of encryption, instances are backed up(by most services). With respect to "who/what validates/guaranees...", you should actually read the TOS and License Agreement.
    – user17464
    Commented Dec 20, 2012 at 5:39
  • Pretty much depends on their TOS.
    – cen
    Commented Dec 20, 2012 at 5:52
  • As the other users noted, it comes down to their commitment according to their ToS / License. Also note that they can of course change this at any time, even going so far as to claim that they own any of your data. Just ask Instagram users.
    – AviD
    Commented Dec 20, 2012 at 10:32
  • There was huge press coverage about the USA (perhaps illegally) shutting down a cloud provider called "Mega". People still do not have access to their data although this happened months ago.
    – Hendrik Brummermann
    Commented Dec 20, 2012 at 21:49

2 Answers 2

Reset to default
7

The short answer is that when you put your data on the cloud the provider has the technical capability to do what they want with it. They could sell it, trade it, share it, etc. What is keeping them from doing just that is a) the terms of service or contract agreed (read it to make sure they don't have rights to your data as some claim rights over anything you upload), b) law - although in most places the law is ambiguous and/or missing on this point, and c) public opinion, see instagram's recent fail on this issue.

In most cloud services agreements (at least consumer ones) there is a clause saying that the provider can change the terms of service at any time, so they could theoretically decide to claim ownership to all data and then sell it to the highest bidder. Few companies will go down that route as it guarantees that nobody will ever use their services again, however if a company went out of business it's possible that method could be used by the administrator to make the most out of the failed company's assets.

So do you have any semblance of control of your data in the cloud? Absolutely not, unless you control something about the data. If you encrypt the data at source using an independent utility and then store the encrypted files on the internet you can prevent its misuse, otherwise you just have to accept the trade-off of flexibility versus control.

Improve this answer
0

It entirely depends on the contract you agree to with the provider. There may be a provider that allows you to setup an encryption key they don't have and have it securely encrypt it so they can't access it, but that would vary greatly from vendor to vendor. Your rights would be almost entirely determined based on your agreement with them since law on the subject are still very early and not case tested. (Important note, I am not a lawyer, so any legal topic is my belief and opinion and may be completely wrong.)

Improve this answer

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .