March 20, 2012, 12:19 PM — We all know that the data we rely on to run our businesses can be subject to subpoena and other government actions. Such actions create additional risks when that data is in the cloud .
With cloud computing, data from multiple customers is typically commingled on the same servers. That means that legal action taken against another customer that is completely unrelated to your business could have a ripple effect. Your data could become unavailable to you just because it was being stored on the same server as data belonging to someone else that was subject to some legal action. For example, a search warrant issued for the data of another customer could result in your data being seized as well.
The news earlier this year about Megaupload , a cloud file storage and viewing service, provides a real, if extreme, example of how a customer could lose access to its data in the cloud. The federal indictments against the individuals behind Megaupload on multiple charges, including racketeering and criminal copyright infringement, resulted in law enforcement agencies seizing more than $50 million of Megaupload's assets. These actions were intended to stop any nefarious activities and collect evidence to be used in the case against Megaupload.
The catch is that a lot of people were using Megaupload for legitimate purposes . When the government took action against the alleged bad guys, those legitimate users also lost access to their data. It's a textbook example of how technology continues to outpace the law's ability to address the new questions that arise with cloud computing. For example, who is responsible for returning data to legitimate users?