Do you presume to criticize the great and powerful Oz? Cloud Storage vs. Cyberlockers

There already is an effort to characterize Megavideo as just a little external hard drive lost in the woods and to try to obfuscate the obvious in a particularly Googly attempt to focus the public on the bright and shiny object so you pay no attention to that man behind the curtain.  Here’s a couple thoughts about cloud services.

The most important thing to keep in mind about the Cloud is that it is the latest way that the consumer electronics companies have found to get to replace all our computers yet again.  CDs got nothing on them.  Do you really need the Cloud for data?  I can understand that carrying around all the music and films that someone downloaded from any one of a number of places can be a hassle, particularly if you are a collector and may have only watched the movie once or got it because you just wanted to have it.  I can also understand the lulz from having a pirated copy of the Encyclopedia Britanica for those few times when accuracy is important during arguments with Dad about the cultural importance of skateboarding.  But if you are going to be trusting someone with your personal data, it’s not just any old external hard drive.

It’s a special case of a storage facility that is a lot more important because of the rights that come with it, the protections you expect to have enforced and because it’s supposed to be a safe place free from advertising searches of your personal data.  For example, if you had a “free” cloud storage account that was add supported, and you suddenly started getting ads about cancer treatment centers and you were a cancer survivor, the idea that there was a connection between your medical record and advertising targeted at you might creep you out.  But no more than gmail.

1.  Don’t Get An Account Anywhere You Can’t Afford to Sue:  Most of the time, you want your storage to occur at least within the jurisdiction of courts in your own country.  That really should not be too hard to do.

2.  Read Your Terms of Service:  The less you pay for the account, the less likely it is that you are going to be able to negotiate the services agreement with your cloud provider, so you should actually read their click through agreement because that’s your deal and you are possibly giving the cloud provider your most personal and important data.

3.  What Happens if They Go Out of Business:  Pay particular attention to what happens if the company goes bankrupt.  If you were around for the Dot Bomb Bubble, then you likely experienced the well-funded digerati who ran the company into the wall at 100 mph then flipped the keys to the first bum on the street and disappeared.  We’ve seen very valuable data get wiped because someone didn’t pay their server bills and the co-lo facility wanted to use those servers for someone else.  Remember–unless you have a lot of leverage and were able to negotiate specific terms, you will likely be unable to stop a third party from either wiping your data along with everyone elses or selling the server with your data on it if the cloud company goes bankrupt or just shuts down.  (This is sometimes called “reprovisioning” the servers in geek speak.)  If your cloud company is run by Skippy Dotcom (or even Kim Dotcom), ask yourself if you could trust Mr. Skip to make sure that your medical records are protected.  Because you know what’s cool?  A billion.

4.  Force Majeure and Other Attacks of “GOD”:  The Google risk factors are actually helpful in understanding how little they intend to ever make good on any promise that induced you to sign up:  “Our systems are vulnerable to damage or interruption from earthquakes, terrorist attacks, floods, fires, power loss, telecommunications failures, computer viruses, computer denial of service attacks, or other attempts to harm our systems.”  And the result for you the unpowerful user?  Good luck.  Just about the same answer as if Megavideo got busted.

5.  Insurance:  Chances are that you will not be covered by insurance unless you buy it yourself.  Even then, remember that insurance companies exist to make you bear most of the risk of the insured loss most of the time.   The chances of a vendor (a) having a liability policy that would cover users and (b) that coverage extending to lost profits or harm from a privacy breach are both pretty unlikely.   So assume you are on your own unless you have an insurance certificate in your hot little hand.

6.  Security Breach:  Does your cloud provider have to notify you in case of a breach?  Or do you just wait until your identity is stolen?

So if you follow those suggestions, you will tend to narrow down the more obvious bad things.  And if you ignore them and decide to put your most valuable information on “external hard drives” in Hong Kong controlled by Kim Dotcom–well….

Like the man said, caveat emptor.