Security & Fraud

Encryption Vs. Cloud Computing: The Latest Debate

Cloud Security

Does backing up data to the “cloud” actually put it in easier reach for law enforcement?

According to The Wall Street Journal, while encryption helps to keep a user’s data protected, as soon as this data is sent to the cloud, those same protections could quickly be undermined.

“The safest place to keep your data is on a device that you have next to you,” Marc Rotenberg, head of the Electronic Privacy Information Center, told WSJ. “You take a bit of a risk when you back up your device. Once you do, it’s on another server.”

The fact of the matter is that major cloud computing companies typically comply with court orders and search warrants requesting that data be turned over to law enforcement, whereas this data would be much more difficult to obtain if it was only available on a device.

“The movement to the cloud has created new privacy risks for users and businesses,” Rotenberg continued. “Encryption does offer the possibility of restoring those safeguards, but it has to be very strong and it has to be under the control of the user.”

Look no further than Apple’s ongoing battle with the FBI to prevent the agency from forcing it to create “backdoor” access to an iPhone device.

Last week, Apple CEO Tim Cook made it clear the company is prepared to fight the FBI’s request to gain access into the iPhone recovered from one of the shooters in the San Bernardino terrorist attack that took place last year.

In a statement on its website, Cook calls for public discussion and expresses the desire for Apple customers to know what is at stake if the information protected by its encryption is forced to be compromised.

While encryption and cloud computing can be described as two opposing trends, users are still encouraged by the companies running the software on their devices, like Apple and Google, to back up their data to the cloud, essentially making it more accessible when court orders from law enforcement come into play.

“Your phone is an incredibly intricate surveillance device. It knows everyone you talk to, where you are, where you live and where you work,” Bruce Schneier, CTO at cybersecurity firm Resilient Systems, explained to WSJ. “If you were required to carry one by law, you would rebel.”



B2B APIs aren’t just for large enterprises anymore — middle-market firms and SMBs now realize their potential for enabling low-cost access to real-time payments and account data. But those capabilities are only the tip of the API iceberg, says HSBC global head of liquidity and cash management Diane Reyes. In this month’s B2B API Tracker, Reyes explains how the next wave of banking APIs could fight payments fraud and proactively alert middle-market treasurers to investment opportunities.