Megaupload case spotlights data ownership issues in the cloud
The U.S. government's effort to prosecute file locker site Megaupload is raising questions about who owns data that is collected from a company's customers and stored with a cloud services provider. Megaupload's storage services customers have not had access to their data since the provider was raided in January and the data became evidence, reports Kevin Fogarty at InformationWeek.
According to U.S. prosecutors who are going after Megaupload for copyright infringement, data owners are unsecured creditors who should be required to sue the provider to get their data back. Law enforcement does not have to return property to customers or victims of illegal services, Fogarty notes, and Megaupload is being treated as an illegal service.
Issues around data ownership and responsibilities remain somewhat murky in the cloud environment and customers are sometimes discovering unpleasant surprises. Even if a customer is not involved in illegal file sharing or content, his or her data can still be at risk. "Megaupload is a perfect example of where we are in the evolution of these new services; a lot about ownership and the ability to retrieve data when we want is up in the air," Daniel Castro, cybersecurity and privacy expert at The Information Technology and Innovation Foundation, said.
- see Kevin Fogarty's article at InformationWeek