Considering its importance, most people have little knowledge of the concept and the impact it has on personal data storage and the challenges it creates in investigating cybercrime.
So what is cloud computing? It is no more than a metaphor. The concept of storing data via the internet on another computer or computers located somewhere in the world (exactly where you can never be sure).
The fact is that many of us already use “cloud” storage every day. Take for example Gmail and Facebook or if you use services like Skydrive,Dropbox and iCloud. If we need a file and don’t have our laptop with us, we log into someone else’s computer and simply download it. As long as the company that holds your data is secure, doesn’t let anyone read it and gives us access to it when we need it, we are not concerned.
But what if we used this storage for business and to store a client’s files? Are we or the client entitled to know in what country the data is being stored? What are the legal ramifications if there was a dispute and the countries data privacy laws do not adequately protect that data from being accessed, copied or even deny access to the data itself.
The question is how can we maintain our “private” data as “private” when we are uploading it to somewhere outside of our control and ensure that it has not been tampered with by an individual or by the process of storing it? Annoyingly the fact of the matter is that we have to rely on the agreements we have with the “cloud” provider and in fact have very little control on what actually happens to our data.
As a forensic analyst that is required to maintain a chain of custody for each bit of data that is collected and is used to having physical access to the computers that need to be investigated, I feel there are many challenges ahead. With the unabated annual rise in cybercrime, investigating crimes in the “cloud” is becoming commonplace. If you are victim of cybercrime here in South Africa consider the legal challenges in accessing evidence from computers that may sit in Sweden, Gibraltar or Hong Kong and then trying to gain access to computers that hold data for thousands of other individuals whose privacy is just as important as yours.
If all of this is overcome we still need to take into account that we may still have to rely on the service provider to give us the data, losing critical evidence in the process. This opens up a host of legal challenges when presenting this data in a court of law, including a significant increase in the time and cost of what may seem like a straight forward investigation.
Perhaps I am a little sceptical about expanding into the “cloud” based on my experiences in forensic matters, where contracts and agreements are disregarded and systems are breached regardless of controls or laws that existed. The rise of cloud computing has not only multiplied the problem of scale for digital forensic activities, but also created a brand new approach to cybercrime investigation with its various challenges.
In the end, the concept is here to stay and we need to be aware of the fact that we now have little control over where our data resides, who can access it and what happens to it when we choose to venture “into the cloud”.
