Microsoft tells US lawmakers cloud has changed the game on data privacy, gets 10 info demands a day from cops

Fishing anyone?

Not even slightly predictable, moving emails and data to cloud based 3rd parties was sure to attract some unwanted attention. Hosting locally complicates matters for law enforcement, but the big question remains: what is the general nature of the justifications for these subpoena's, I'd be interested to know.

It's not just the cloud

It's also your phone company, your internet provider, your bank, your suppliers, your customers, et effing cetera.

As Microsoft is pointing out, it has become absurdly easy for the government, at all levels, to get a warrant to see your data to slap on a secrecy provision. And Turley points out that there is even less oversight with a subpoena.

Big Brother can watch whatever it wants whenever it wants to.

"7–10 secrecy orders per day"

And yet Huawei is still the big bad problem, right ?

In many ways the metadata is more telling than the actual data

An account comes online every day from 9am and offline at 6pm, five days a week that tells one story.

Two phones travelling in opposite directions towards a hotel every Friday afternoon and powering off shortly before reaching the destination, and then powering back about an hour later when the phones are heading away from the hotel tells another story. Almost every application installed on a mobile phone these days has the potentially to capture and upload that kind of metadata. Historically (pre-smartphone apps) only the mobile telephone operators could track your cell location, and they did that and and still do record that information and more to monitor the existing, and improve the future, picocell/nanocell/microcell/base stations coverage. Historically they would throw it away after use, now it is stored permanently because it is so cheap. Now this metadata is available to the telco provider, the operating system provider, the phone hardware manufacturer and all the individual application developers.

Long term metadata collection can leak far more information than data normally does.

Cloud providers with the amount of metadata that they are harvesting can tell when you are eating, using the toilet, or when your normal routine had changed even by slightest amount.

It couldn't be ...

that IBM's recent e-mail 'problems' are actually a ruse to avoid a subpoena, could it?

https://www.theregister.com/2021/07/01/ibm_email_disruption_sales/

(Sorry, it is late and I've already waited over an hour to have the chance for my application to buy tickets for Wimbledon to time out after entering my credit card data, and still have about 45 minutes left, if the little green bar is anything to go by.

Cynical, moi?)

technology is a double edged sword

It delivers on almost all things promised, convenience, speed, accessibility, etc. The problem is almost no one asks and then answers the one important question.

"Am I willing to hand over (credit card information, banking details, medical history, personal details, etc) to a random stranger for safe keeping?

If not, then why are you willing to upload this information onto a storage platform, simply for convenience sake.

Commercial and not in Confidence

If micro$haft can read all this data in the clear, what's stopping them from reading commercial data also stored in their cloud infrastructure, for example sensitive technical data, computer programs etc etc?