The PATRIOT Act and Cloud Services

I’ve briefly described my attempt to get all of my “cloud” data moved to personal servers that I directly control. Part of my reasoning for doing this is the simple fact that I like having complete control over my property (and I consider my data personal property). The other reason is I don’t like the idea of federal agents being able to obtain my personal information without my knowledge. At the very least if the feds want to take my personal data now they will have to alert me when they come to take my server out of my dwelling (and since the data is all encrypted they’ll need my key to access anything… which will really frustrate them when I claim my fifth amendment right instead of giving over my encryption keys).

Some people have claimed another solution for this is to put your data in a foreign country. I never found that solution viable because the government of the country where your data is stored likely has access to it and will hand it over if the United States government puts in a request. Well Microsoft has confirmed that your data isn’t safe anywhere:

Organisations should be wary when entrusting their data to Cloud providers based in the U.S.

Microsoft, one of the first Cloud providers to come clean, have revealed that the U.S. authorities have the right to access any data stored by them, even if that data resides within the EU.

[…]

In addition, Gordon Frazer CEO of Microsoft admitted that customers would only be informed “whenever possible” with respect to authorities extracting data.

Such an example is where the FBI has the ability to issue a ‘National Security Letter’ demanding a company’s data. Frazer stated that in this case he wouldn’t even be able to admit he had received such an order.

Many people forget that those subject to “National Security Letters” are legally prohibited from even saying they received such a letter (note to the feds: if you hand me one of those letters I’m telling everybody, fuck you and your attempt to shit on the first amendment). This means if the feds to take your data you’ll never be notified because the company hosting said data will be legally muzzled.

I feel the best option in regards to your data is to maintain it all on systems that you have direct control over. Unless you have that direct control you can never be sure who is rummaging through your data (I’m not just talking about government agents at this point) or for what purposes. If you control the systems then you control who does and doesn’t have access to anything on that system.

2 thoughts on “The PATRIOT Act and Cloud Services”

  1. Doesn’t the patriot act allow then to execute a hidden search warrant as well where they break in while you are out and install a keylogger to sniff out your passwords. Even the home solution isn’t a perfect one though I agree it is better than the alternative. Do you have any issues with people accepting smtp traffic from you?

    1. The PATRIOT Act does allow for federal agents to break into your home and secretly install key loggers onto your machines. Unfortunately for those federal agents the hard drives of every one of my computers is completely encrypted. Unless the agent is able to obtain my decryption key they will not be able to read or write to the hard drive (unless they format it which kind of defeats the purpose in my opinion). Thus my machines are safe from unknown software being installed without my knowledge (unless some hacks into my system and installs software that way which is possible).

      To answer your second question I’ve not had any troubles with third-party SMTP servers accepting mail from my SMTP server.

Comments are closed.