This month, a nightmare scenario has surfaced that may have lasting repercussions for cloud users. As reported from Associated Press, American prosecutors blocked access to Megaupload and charged seven men alleging the site was a catalyst for allowing illegal downloads of copy written material. When you visit the MegaUpload website, a rather ominous graphic greets you.
So why is this an issue for those who use Cloud Computing? The Federal prosecutors do not distinguish legitimate users of MegaUpload from illegitimate. The same prosecutors stated that data from users of Megaupload may be erased beginning later this week. Those users have no path to get any of their data. Furthermore, it is unclear if Federal Prosecutors will also be seizing data not directly related to the injunction. Small companies who used the services as a data backup are currently blocked from access. From the AP/CBS article:
"A letter filed in the case Friday by the U.S. Attorney's Office for the Eastern District of Virginia said storage companies Carpathia Hosting Inc. and Cogent Communications Group Inc. may begin deleting data Thursday. Spokespersons for the two companies and for the U.S. Attorney's Office did not respond to messages Sunday night."
This should have been easy to avoid, correct? Much like the derivatives market though, several users of the services might not have even understood what they were getting into. The business model used by MegaUpload includes hiring third parties to store the data for a fee so perhaps some data is safe? Unfortunately, as reported by Associated Press, the same government prosecutors have frozen MegaUploads finances. If they cannot pay the third parties, it is seriously likely that data may get deleted, depending of course on the EULA used. According to the same sources, millions of users who use this site to store data may be affected.
The lessons learned here? We would aver that legal rulings such as the one made need to account for the impact of seizure. The whole notion of locking down a complete system due to an alleged illegal activity may have a serious and lasting impact on legitimate users. A path to recovery of legitimate data should be part of the any such future actions and by blocking access, those who do so incur a large responsibility to all users of that site to ensure no losses are suffered. Unfortunately, in cases like this, it seems no impact assessment had been done or accounted for in the contingency plans and it is akin to throwing out the baby with the bathwater.