You are on page 1of 2

Why hackers and spooks want our heads in the cloud | John Harris | Comment is free | Th...

Page 1 of 2

Printing sponsored by:

Why hackers and spooks want our heads

in the cloud
Our unthinking embrace of these giant data centres is throttling
the giddy anti-authoritarian computing dream

John Harris, Monday 25 April 2011 20.00 BST

larger | smaller

Imagine this. A notorious multinational is on the lookout for new business. For the sake
of argument, let's imagine it's Lockheed Martin, the defence, security, and "advanced
technology" corporation that has lately been seeing to the census. From somewhere in
their R&D division comes an idea: "personal lifestyle security services" for millions
across the planet. The wheeze is simple enough: sign up and hand them your personal
correspondence, financial records, bank details, ID documents, and more. They'll have
all your stuff, and you'll have a unique password whenever you want a look. And just
think: more clutter shunted out of your life, leaving you to glide through the minimalist
bliss of 21st century living.

You would have to be out of your mind. But this is the world we are hurtling towards,
although it's not defence conglomerates who are in charge – yet – but private
technology giants. The key is cloud computing, whereby just about anything that can be
digitised is stored in remote servers, leaving us to access it from wherever we fancy. If
you have a Gmail or Hotmail account, you'll already be a practised cloud user. Two years
ago, David Cameron suggested that Google and Microsoft might be involved in the cloud
-based storage of people's NHS records; now the Department of Health appears to have
plans for exactly that. In 2009 the worth of cloud computing was put at $58.6bn; by
2013 it's forecast to reach $150.1bn.

The new world is, of course, less a matter of clouds than data centres: huge impersonal
sheds in which servers whirr away, while millions log in and out – a turnabout with an
intriguing circularity. Up until the late 20th century the history of the industry was
partly the mass transfer of data from hulking mainframes to ever smaller personal
computers. Now the momentum is in the other direction, and what you might think of
as digital centralism is back, in a world awash with prying governments, hackers,
corporations that seem as prone to skulduggery as they ever were – and terrorists who
may well eye data centres as mouthwatering targets.

So why aren't we worried? Inspired branding undoubtedly does its work. First, there is
the term "cloud computing" itself, whose uncertain etymology is less important than its
implicit suggestion of an innovation with all the unremarkable ordinariness of the
weather. Consider also the cuddly, kids'-TV-esque Google logo, or the way that so much
of the Microsoft brand is synonymous with the humanitarian work of Bill Gates. All this
chimes with a culture in which, as supposedly maverick organisations get ever closer to
government, mass trust in their operations still seems to know no bounds – even when
such revelations as the iPhone's surreptitious tracking of its users' movements point to
slightly more on their minds than the breezy convenience of their customers. 4/26/2011
Why hackers and spooks want our heads in the cloud | John Harris | Comment is free | Th... Page 2 of 2

While we're here, take note: all messages on Gmail are automatically scanned so Google
knows where to place any relevant ads – and deleted messages and accounts "may take
up to 60 days to be deleted from our active servers and may remain in our offline
backup systems".

Inevitably, hacking into stuff stored in the cloud is a global pastime, with its own grim
star system. Earlier this month, for instance, a very unpleasant Californian named
George Bronk was jailed for six years for rifling through Gmail and Yahoo mail accounts
belonging to women and girls (some of them British), and sending any revealing
pictures he found to all their Facebook contacts. Meanwhile the world's more
authoritarian states know exactly what the cloud allows them to do: in late 2009, for
instance, Google's servers were breached by Chinese hackers, presumed to be under
government orders, who tried to break into the email accounts of human rights activists.

We all know how even democratic states tend to view the kind of informational riches
that the cloud contains. Our own Regulation of Investigatory Powers Act is in the
process of being partly reformed, but even more invasive data-gathering powers seem in
the pipeline. In the US, whether to drop or renew provisions in the infamous Patriot Act
is currently the subject of a noisy debate – but extensive powers to pry into data and
communications will remain. (In Canada this has fed into a fascinating debate about
public and private sectors using US-based cloud services, and thereby leaving people
open to American surveillance.)

There is, perhaps, a worrying time lag at work here. The computer industry came of age
in the 1990s, that giddy phase of American and European history when
authoritarianism was assumed to be on the wane. For sure, it's still nice to live in a
liberal democracy, but given that the world has since moved in no end of sinister
directions, isn't our unthinking embrace of the cloud (and just to recap: our medical
records could soon be up there) an ill-advised throwback? And what of the long view:
looking ahead 50 years, how certain are we that the surveillance state will not have
extended its tentacles; that nasty, illiberal politics will not be all the rage; or that Google,
Microsoft et al will not have learned dangerous new tricks?

Right now, I think of the hyper-connected activists behind UK Uncut, or the ongoing
anti-fees protests, or the other campaigns over which our spooks presumably keep
watch, and feel a pang of unease. This cloud, I fear, may yet turn very dark indeed. © Guardian News and Media Limited 2011 4/26/2011