Impact of PATRIOT Act for Public Cloud Services

In order to discuss the impact of the PATRIOT Act for public cloud services, in addition to the historical development and the contents of the PATRIOT Act itself, some basic concepts must be clarified. Not only operating models and types of cloud services are of great importance, but one must also have a basic understanding of the current, relevant data protection Acts.

The title of the Act is a ten-digit Acronym, which picks up on the existing words and USA PATRIOT. Acronym are in the United States popular name for laws and here with this law. Other examples are the ADVANCE Democracy Act of 2007 and the KIDS Act of 2008. The USA PATRIOT Act of 2001, as the law is officially titled, is U niting (and) S trengthening A merica (by) P roviding A ppropriate T ools R equired (to) I ntercept (and) O bstruct T errorism Act of 2001 ^[1].

The Author of this article is not an US Citizen at the time of publishing this article but due importance has been given to Commonwealth Relationship. Hereinafter, Author has cited significant sentences to reflect the original motto of this article, which is not against any Court’s Order of any Commonwealth Country.

The PATRIOT Act describes a number of changes to existing U.S. laws that are written down in a total of 10 so-called TITLES. These subdivide the law by topic. One must refer to Citation 1 for more details.

 

Impact of PATRIOT Act for Public Cloud Services : Impact on Different Sectors of the Economy

 

A significantly affected industry by the provisions of the PATRIOT Act is the financial services sector. One of the intentions of the PATRIOT Act is to prevent money laundering or to uncover, to prevent the financing of terrorist activities and those who are involved in such transactions. To achieve this, companies in the financial services sector are imposed the following obligations :

1. Identification of those who manage assets
2. Determining the origin of funds that flow into the U.S. financial system
3. Identifying the destination of funds that are funneled through the U.S. financial system
4. Investigation veiled or undisclosed intentions for transactions, especially so-called ‘suspicious’ transactions

The paragraphs – 215 and 216; the U.S. authorities has the right to access, for example, lending lists or information from library computers. The ALO (American Libary Association) provides on its website, how to respond to the requests from the government and also provides legal assistance to libraries without their own legal department.

ISP (Internet Service Provider) may be requested via NSL to documents and records from customers for investigations by federal agencies to provide information. In such a case, an ISP has been asked to give connection information and other personal data of a customer. This can be transferred under certain circumstances, to other forms of electronic communication.
A direct effect therefore are on the internet service providers.

Finally, the civil aviation may be mentioned, in which not only the passengers but also the airlines that raised safety standards by the PATRIOT Act, which the TITLE IV in particular mentions. Thus, the United States requested at entry of a so-called PNR code (Passenger Name Record), the personal information of each passenger as well as detailed travel information are included. The European Union has an agreement to pass on this information to the Department of Homeland Security .

 

Impact of PATRIOT Act for Public Cloud Services : Problem

 

Cloud Services are in the age of globalization for businesses of great importance. Nowadays, mobile access to corporate data is for many companies are already for everyday usage. For example, sales representatives access to mobile marketing on relevant data from the company’s own cloud, thus providing individual product presentations to the needs of customers.

Another example of the employees are in the settlement of claims of an insurance provider. This can load personal materials such as photographs and reports directly to the cloud service provider of the insurance company to initiate the processing by the internal service within the shortest time in the detection of damage.

Due to the architecture of a cloud, the hardware on which are the stored data to be distributed to multiple sites. These locations can also be in different countries. This should accessed by the third parties, in particular also be protected against access by the authorities of the respective countries. The PATRIOT Act makes changes to laws before with regard to the protection of these data have implications for the operator and customers of cloud services. In the present study, the effects of the Patriot Act on cloud services in more detail.

The aim is to provide an insight into the contents of the PATRIOT Act, demonstrate its engagement in applicable data protection laws and to explain the economic, legal and contractual implications for operators and users of public cloud services. This article can treated thematically as the impact of the PATRIOT Act for public cloud services.

For this purpose, first a substantive overview of the components of the PATRIOT Act is created above and subsequently the different cloud operating models are hyper-linked.

Economically, this means for customers of cloud providers, requiring them to inform exactly what degree can be assured of data security at all and what risks remain. Privacy is thus for the customer to a kind of risk management, as this higher IT competence for basic relations presupposes for some private use. There are sufficient sensitive data and you should prefer to think carefully about whether the security arrangements are sufficient. Customers will be advised to use the client with programs like Truecrypt ^[2] to encrypt and copy to te cloud, as some providers do not prevent even the search engines to access the files.

The PATRIOT Act is a matter to be criticized negatively in full. It contains not only content to fight terrorism, but also serves the expansion of the scope of action in the overall fight against crime. As an example, the sections on money laundering in relation to civil rights for ordinary citizens tend to be less problematic. But there are gaps primarily due to deficiency of implementation of various technical methods for encryption by an average user or in some cases, it is not possible to apply such. Third Parties, including public servants, can “sale”, “trade” personal information of the others, as we can not assume that a Government employee will always be morally correct.

 

Citations: