Cloud computing companies based out of the United States have had one hell of a time trying to reassure customers that the information they put in the cloud, stays in the cloud. With an increase in NSA surveillance, as well as greater public awareness about clandestine malpractice (thank you Edward Snowden), these companies stand to lose billions of dollars in revenue in foreign markets alone, which could severely damage one of the strongest pillars of the American economy. The NSA may seem like an unassailable opponent, but cloud service providers such as Apple, Google, and Microsoft aren’t going down without a fight.
Silicon Valley vs. the NSA is for IT professionals what the Battle of Thermopylae was for Ancient Greece–it’s huge. Two tech champions going head-to-head over cloud privacy and the winner will ultimately decide the future of the World Wide Web. And it’s hard not to root for the underdog.
Apple, Google, and Microsoft are our three hundred Spartans; willing to fight to the death for our collective internet future. The website http://www.reformgovernmentsurveillance.com represents their push for legal reform regarding government surveillance and outlines a set of principles that they hope will serve as a guideline for future legislation.
The Principles
Limiting Governments’ Authority to Collect Users’ Information
Governments should codify sensible limitations on their abilities to compel service providers to disclose user data that balances their need for the data in limited circumstances, users’ reasonable cloud privacy interests, and the impact on trust in the Internet. In addition, governments should limit surveillance to specific, known users for lawful purposes, and should not undertake bulk data collection of Internet communications.
TRANSLATION: Governments need better laws that keep them from taking innocent user information off of our cloud servers. That broad data collection stuff is just unacceptable (see Optic Nerve).
Oversight and Accountability
Intelligence agencies seeking to collect or compel the production of information should do so under a clear, legal framework in which executive powers are subject to strong checks and balances. Reviewing courts should be independent and include an adversarial process, and governments should allow important rulings of laws to be made public in a timely manner so that the courts are accountable to an informed citizenry.
TRANSLATION: Be accountable! If you’re collecting our customers information then gather it like you would gather normal evidence (go to court, get a warrant, etc.)
Transparency About Government Demands
Transparency is essential to a debate over governments’ surveillance powers and the scope of programs that are administered under those powers. Governments should allow companies to publish the number and nature of government demands for user information. In addition, governments should also promptly disclose this data publicly.
TRANSLATION: Let us know exactly what the government will and will not access on our servers so we can tell our customers. It will make the process a little less shady.
Respecting the Free Flow of Information
The ability of data to flow or be accessed across borders is essential to a robust 21st century global economy. Governments should permit the transfer of data and should not inhibit access by companies or individuals to lawfully available information that is stored outside of the country. Governments should not require service providers to locate infrastructure within a country’s borders or operate locally.
TRANSLATION: If it’s legal, our users should have access to information anywhere in the world and the government should not prohibit that.
Avoiding Conflicts Among Governments
In order to avoid conflicting laws, there should be a robust, principled, and transparent framework to govern lawful requests for data across jurisdictions, such as improved mutual legal assistance treaty – or “MLAT” – processes. Where the laws of one jurisdiction conflict with the laws of another, it is incumbent upon governments to work together to resolve the conflict.
TRANSLATION: Give us a universal standard of laws so we know exactly when the government can legally ask for user information.
These principles are just the beginning in what will likely be a long and expensive fight. And hopefully Silicon Valley can pull of a victory, because if anyone can, its’ those tech gurus from California. Here’s to the return of Internet freedom!
{{cta(‘e046a2f0-627f-4d5f-9b3c-f3a758693bc9’)}}