The Government should consider stopping sharing intelligence services with the US and end the use of Cloud computing due to concerns that sensitive personal information about British citizens can be spied upon by US authorities, MPs said today.Those calls are justified. Citizens have to be able to trust governments to actively protect their privacy. If they're just going to effectively hand their data over to a foreign power to be used for Cthulhu-knows-what, then that trust disappears. The need to maintain public trust means that governments simply should not use the cloud.
The warning comes during a Whitehall drive for government departments to store their electronic information externally with private companies, meaning taxpayers’ private data could be left vulnerable to large-scale surveillance.
US law allows American agencies to access all private information stored by foreign nationals with firms falling within Washington’s jurisdiction, if the information concerns US interests, without a warrant. Four suppliers of the UK Government’s G-Cloud system are located in the US, leading to questions over the security of information is being stored overseas.
And now I'm curious: do any NZ government agencies use cloud storage? Do they use US-based services? If so, what information have they effectively handed to the US government's spies?
Update: A couple of people on Twitter have pointed me at the NZ's government's All-of-government cloud computing approach. The important bit:
Ministers have given issues of government data security a great deal of consideration, and have decided to take a conservative approach to data hosting; cloud-based office productivity services onshore, in New Zealand, for the time being, until the risks and mitigations of off-shore hosting are better understood and able to be managed.
So, if the government is giving your data to the Americans, its doing it deliberately, rather than simply by being dumbarses about the cloud. Good to know.