Twitter, the FBI, and cloud computing: The disclosure dilemma

Twitter sues the FBI over data gathering, with major implications for cloud computing

Twitter filed a lawsuit against the FBI and the Department of Justice on Tuesday to publish a full "transparency report," which documents government requests for user information. Its objective is to gain more information about government surveillance of its users.

The published report does not include national security requests -- Twitter has been prohibited from disclosing that information. But Twitter believes it's entitled under the First Amendment to "respond to our users' concerns and to the statements of U.S. government officials by providing information about the scope of U.S. government surveillance."

What’s really happening here? The government is requesting user information from Twitter, but wants Twitter to keep quiet about that fact. Twitter wants to disclose the information to its users, so they can make an informed choice on what information to transmit on Twitter or whether they want to use Twitter at all.

These issues are cropping up with the public cloud as well. As we put data into public clouds, the government will certainly be interested in culling it from time to time, typically citing national security concerns.

Thus, cloud providers must have a response to the question of who’s trolling users' data. Cloud providers must provide an honest answer and even documentation if requested.

The government insists on having access to data stored in social media systems and cloud providers, which is a real downer. This will negatively affect the promotion of this technology, when enterprises are already skeptical about cloud computing security and privacy.

The only way to deal with this situation is with full disclosure, in terms of who is looking at the data, for what purpose, and when. While some enterprises will run away from cloud computing when this information comes to light, others will use the systems with the understanding that data-scanning operations are taking place.

On the other side, enterprises may encrypt the data so it can’t be examined, and keep the keys for themselves. If that occurs en masse, stay tuned to see if the government takes legal action. The cloud certainly brings up interesting legal questions.