The cloud is everywhere these days. Like its real-life namesakes, the concept and implementation of cloud computing is vague, fluffy, and hard to define. Larry Ellison had a point when he declared that cloud computing has been redefined “to include everything that we already do… It’s complete gibberish.”

If the definition of cloud computing is vague, the need to protect the rights of people who use cloud computing services is clear and pressing. We’ve compiled a list of five basic freedoms that are essential if the rights of the individual are to be protected against individual hackers as well as competing government and commercial interests. Each of these rights/freedoms is tied to real-world events that have threatened it.

These five rights rely on two common principles. First, that personal data remains personal property regardless of where it’s stored. Second, that personal data has intrinsic value that can be recognized without attaching a concrete price tag. This last is scarcely controversial — Google’s entire business model is based on mashing personal data into theoretically anonymous advertising sausage.

The Right to Access Personal Data

Case in point: Megaupload

The Megaupload debacle is an excellent example of why citizens need better data access protection. Previous court cases have affirmed that the Fourth Amendment applies to a person’s data contained on a hard drive, but the Ninth Circuit backed off of its initially stringent standards for data privacy when it considered the Balco case en banc. In its first ruling, the court enjoined law enforcement from relying on the “in plain view” doctrine when conducting a file search, recommended that the searches should be conducted by neutral third parties, and ordered that the queries themselves be narrowly constructed. A later, full panel consideration declared that these requirements were not Ninth Circuit law. The question of cloud data ownership is even foggier.

When the federal government seized Megaupload’s data and froze its assets, they deprived thousands of legitimate users from accessing their own personal property. One user, Kyle Goodwin, has filed a request for the return of sports footage owned by himself and used by his business.

The Justice Department has attempted to dodge this bullet by claiming that it didn’t technically seize Megaupload’s servers — it just copied some of them. The government’s filing stated that it didn’t copy any of Goodwin’s files and asserts that “the process of identifying, copying, and returning Mr. Goodwin’s data will be inordinately expensive, and Mr. Goodwin wants the government, or Megaupload, or Carpathia, or anyone other than himself, to bear the cost.” The Department of Justice (DOJ) attempts to draw a distinction between the assets and “real property” that it seized and Goodwin’s data. Because the DOJ didn’t restrain or seize Carpathia’s servers, and since those servers are not subject to forfeiture, it argues that Goodwin has no standing to appeal his loss.

What matters, in this case, is that the government’s actions have effectively denied Goodwin access to his data. The courts have recognized that access to property is an essential pillar of ownership for centuries. If the court accepts the DOJ’s argument, it creates an enormous loophole in asset forfeiture law. Rather than justifying the need to seize an individual’s assets and naming the specific assets to be seized, the government can freeze accounts, copy the relevant data from cloud servers, and remain completely unaccountable for the damage this causes to innocent bystanders.

The Department of Justice’s suggestion that Goodwin should sue Megaupload and be granted status equivalent to that of an unsecured creditor suing a bankrupt corporation is farcical; it assumes that data can be easily assigned a monetary value and implies that the government bears no responsibility for the effects of its own actions.

One simple solution to this problem would be to allow file lockers to create a specific fund for the express purpose of maintaining/guaranteeing data access in the event of a lawsuit, disaster, or bankruptcy. Said funds would be held in escrow and not subject to asset freezes or forfeiture. There is no reason why allowing funds to be used for this purpose would meaningfully impinge the government’s ability to conduct an investigation. User accounts could be limited to read-only mode to facilitate the transfer without allowing potential evidence to be destroyed.

Next page: Right to Advertising Information