On Twitter: @JamesFirth and @s_r_o_c (post feed)

Got a tip? tip@sroc.eu

Tuesday, 11 June 2013

The morning after the weekend the Big Data bubble burst

A cynic might say worldwide intelligence services are only doing to our data what countless Big Data Corporations have done for well over a decade now.

That cynic might say government security services, even with the types of data syphons revealed in the Guardian over the last few days, generally know far less about our lives than our supermarket or bank.

But for some reason, and despite the power large corporations hold over our lives (the power to deny: deny credit, deny access to a service, or erase an online identity...), exposure of a government tap into this data has, finally, causes a shit storm big enough to seriously damage a whole industry.

My surprise is only that it has taken this long for people to realise that there are practically no legal safeguards for the data of non-US nationals held by US companies, wherever the data is physically stored.

Yes, that's right.  If you pay a US company for a service, even if the data is physically stored on servers based wholly in the EU, your data can still be sequestered by the US government.

Last weekend politicians and spy chiefs lined up to defend the actions of the NSA as invaluable in defeating terrorism.

Cut through the rhetoric and there were numerous admissions that spying on electronic communications of foreign nationals was to be expected as just something nations do.  They spy on other nations; they always have, and they always will.

Last weekend was the weekend when the world woke up to conspiracy fact.

It was the weekend that British MPs, many of whom I know to use gmail, Yahoo or Microsoft to conduct their political affairs outside parliament, realised there were no safeguards in place to prevent a foreign government spying on their private correspondence.

Note: MPs are expected to have secondary email accounts, they're essential because MPs only have access to Parliamentary email once elected - they need to get elected first!

It was the weekend that corporations, some of whom were already alerted to laptop seizures at border posts and had previously instructed employees to travel only with a "clean" laptop in order to protect industrial secrets such as pharmaceutical research being cloned on entry, realised all their data was already at risk because they purchased "secure" cloud storage and other data services from a US-based company.

Despite legislation being brought-in over a decade ago, many have only taken note when hard evidence emerged that this was actually happening.

There is in place today a mechanism for US government agencies to read nearly all our email, check our web searches, possibly what websites we visit - since each click may be sent to Google or Microsoft depending what browser features are enabled...

And there are no safeguards or limits unless you are a US citizen.

I hypothesise this revelation has burst the Big Data Bubble.

The immediate effects will be small.  Charities and NGOs lobbying on changes to US policy, politicians worldwide and companies at the cutting edge of innovation will be the first to turn their backs on a jurisdiction that offers no legal safeguards for data that can be shown to belong to a foreign entity.

A jurisdiction, remember, that spear-headed the fight against copyright infringement with extra-judicial take-downs of websites worldwide.

It's a bubble that will take a while to deflate, for there are at the moment few alternatives to many of the services run by US-based tech companies.

But the damage is done and the trend will, in all likelihood, be irreversible - at least in the short term.

Last week I asked whether people cared enough about their data to make a difference.  Today I'm under no doubt that the slow demise of Big Data, and particularly data hosted outside the EU, will snowball as viable EU-based alternatives emerge.

This time next year we may see Silicon Valley bosses scratching their heads and licking their corporate wounds; and, maybe, finally fighting the cause they should have fought a decade ago.

For only when citizens worldwide are given the same legal protection as US citizens will EU-based companies and citizens feel comfortable handing their data over.


Bootnote: The British lobby effort against enhanced EU data protection will find it much harder to garner support from the public and businesses alike - which may be a shame as the EU really messed up with the cookie law, focussing on the method rather than the overall trade and exploitation of personal data.

No comments:

Post a Comment

Comments will be accepted so long as they're on-topic, do not include gratuitous language and do not include personal attacks or libellous assertions.

Comments are the views of the commentator and not necessarily the view of the blog owner.

Comments on newer posts are not normally pre-moderated and the blog owner cannot be held responsible for comments made by 3rd parties.

Requests for comment removal will be considered via the Contact section (above) or email to editorial@slightlyrightofcentre.com.