Amazon Vows To Fight Government Requests For Data 104
itwbennett writes "Speaking at a cloud panel discussion hosted by Reuters on Wednesday, Terry Wise, head of global partner ecosystem for Amazon Web Services, explained how the company handles government requests for data stored on Amazon's cloud: 'If a U.S. entity is serving us with a legally binding subpoena, we contact our customer and work with that customer to fight the subpoena.' But Wise's best advice to customers is to encrypt their data: 'If the data is encrypted, all we'd be handing over would be the cypher text,' he said."
Don't make promises you can't keep (Score:5, Interesting)
Amazon's position may be principled, but it won't do any good to fight the subpoena. We have already seen that the FISC (FISA court) is just a rubber stamp operation, and that the legislative, executive, and judicial branches of the government want ever greater power and authority under the guise of the "war on terror." Indeed, according to the government, it would be illegal for Amazon to inform the individual(s) whose information is being requested that a request even exists.
The problem isn't merely that warrantless surveillance exists. The problem is that there are no checks in place, no means by which the people themselves, can directly hold the government accountable for such programs. Constitutionality is a farce, easily overcome in the name of "national security." And this is precisely what the terrorists hope to achieve--the use of guerrilla tactics to provoke a government to enact increasingly draconian laws and curtail basic civil liberties, until the government becomes the oppressor against its people. Their eventual goal is to cause the collapse of that government. To this end, such surveillance programs play into the hands of the terrorists.
Also, the proper word is "ciphertext." Not "cypher text."
Re:Mostly Harmless (Score:3, Interesting)
Just a heads up, if you buy that much lube, they don't arrive like the lube you'd buy in a tube. They come as a dry powder with mixing instructions....
Re:Now all I want is (Score:4, Interesting)
Thunderbird and EnigMail actually work very nicely as well. Someone has mentioned that there is actually a browser add-on or something that will allow you to do it with webmail as well, but I'm not familiar with it. K9 supports encryption on Android as well. Using encryption is really not that much trouble. The only inconvenient part is getting non-techies to set up their keys.
Re:You Brave Companies, You (Score:4, Interesting)
How nice that, after these revelations, suddenly all of these companies are coming forward with data and vows to fight or announcing requests to reveal information, etc. Where were these Brave Defenders of Consumers^H^H^H^H^H^H^H^H^HCitizens before Snowden?
In the case of Amazon, it cut off [cnet.com] its services to Wikileaks at the request of Sen. Joseph Lieberman (Chairman of the Homeland Security and Governmental Affairs Committee). That's what Amazon was doing before Snowden. They didn't wait for an injunction, they didn't wait for Wikileaks or Assange to be brought upon charges (they've helped the US government deal with Wikileaks, without having to enter the messy US court system and all the rights that could possibly imply for the defendant).
And now suddenly, Amazon is getting this big fat 10-year contract [itworld.com] from the CIA for a private cloud (that IBM is challenging every which way). Oh thanks Senator Lieberman!! And thank you US taxpayers!!! Amazon may not like to pay taxes, but it sure likes benefiting from them!
Re:Yeah, this is normal (Score:5, Interesting)
It's news for nerds because the government paying attention to electronic data has been in the limelight for awhile now.
Since we nerds are the kinds of folks who are tasked with the implementation and maintenance of the systems that store and process said electronic data, this is the kind of thing that could have an effect on our livelihoods.
Sure, it's obvious that you should encrypt your data, especially if it's at rest on equipment you don't personally control. It's also somewhat of an unmitigated pain in the ass to actually setup and maintain, especially if you inherited infrastructure that you didn't build from the ground up. Or maybe you're a lazy sumbitch.
In the same vein, it's obvious that if you eat a shit load of junk food, you'll get fat and have health issues. Despite the fact that it's obvious, there's a severe problem with obesity in the US, hence we have health groups trying to spread awareness, whether it's through scare tactics or just trying to inform people and at least get them to acknowledge a problem they pretend doesn't exist.
In the same vein, the folks who post about this kind of thing are treated somewhere between polite acknowledgement, with nods of 'yup, he/she's right, we should do that', or viewed as the mad prophet raving in the town square. In both cases, folks pretty much forget about it after theyr'e done and go back to the status quo.
While I'm not in the habit of defending large corporations, I understand why they put out stuff like this. On the one hand, if they want to legally continue to do business without suffering censure by local governments, they have to comply with legal requests for data. If they simply do it, they're viewed as being in collusion by the general public. If they try and provide the information to their customers on how to mitigate their risk, their words tend to fall on deaf ears.
While I'm certain Amazon probably doesn't give a shit about handing over a customers data, they recognize that it's a touchy subject, and a potential PR nightmare, hence they spend some time trying to encourage their customers to do what's in their own best interests. I don't think it's a good idea to try and curb that.
Re:This is truly the problem with NSA spying.. (Score:4, Interesting)
The rest of the world has known for a long time that their data isn't safe in the US, in fact they legislate that personal data cannot be stored in the US (various data privacy acts relating to multinational corporations).
When I worked at a multinational insurance company our international data storage was in Canada, UK (we served data to/from India from the UK, insanity from a performance perspective), South Africa, and Australia. No data regarding foreign citizens could be stored in the US.
This has been the case for at least 7 years or so, probably longer.