(Image credit: Sam Johnston/Wikimedia Commons)

According to reports, all personal information stored on major cloud computing services can be spied on by US agencies without users’ knowledge or even a search warrant.

This is all reportedly being done under the recently reauthorized Foreign Intelligence Surveillance Act (FISA) and has led British Members of Parliament to call on the British government to not only end the use of cloud computing but also stop sharing intelligence services with the U.S, according to the Independent.

It’s worth pointing out that the US government has admitted breaching the Fourth Amendment under FISA while maintaining an absurd level of secrecy around the Act. Given the massive expansion of the Pentagon’s cyberwarfare forces and the exponential rise in surveillance overall, people around the world have a quite legitimate reason to be concerned.

As New Zealand’s IOL points out, under FISA “all documents uploaded on to cloud systems based in the US or falling under Washington’s jurisdiction can be accessed and analyzed without a warrant by American security agencies.”

Apparently, US agencies have been able to access private data stored on the cloud since 2008 while no one had any clue it was going on.

“What this legislation means is that the US has been able to mine any foreign data in US Clouds since 2008, and nobody noticed,” said Caspar Bowden, chief privacy adviser to Microsoft Europe for nine years until 2011.

According to IOL, US agencies like the National Security Agency (NSA), the FBI and the CIA can all access information that potentially concerns American foreign policy for reasons which are purely political.

There is apparently no need for suspicion that national security issues are at stake which would mean that religious organizations, political campaigns and even journalists could have their data monitored by the US government.

Bowden, now working as an independent advocate for privacy rights, co-authored a report for the European Parliament which warns of the threat posed by FISA.

In the report, Bowden also criticized the UK Information Commissioner’s Office for giving the control over to the US government.

Perhaps even more concerning for the British, four of the suppliers of the UK Government’s G-Cloud system are indeed located in the US and thus under American control thanks to FISA, raising “questions over the security of information is being stored overseas,” as the Independent puts it.

“The Americans have got to remember who their allies are and who their enemies are,” said Tory MP David Davis.

“There are people like us who they rely on to provide them with listening stations, like Menwith Hill for example,” Davis said, referring to a Royal Air Force base which aids the US intelligence community by intercepting communications.

“Do they really want Parliament to start asking Government to limit what Menwith Hill can do? There are all sorts of possibilities if they carry on with this,” Davis said.

Davis further warned that there is “a whole cascade of constitutional and privacy concerns for ordinary British people.”

However, the UK government seems totally onboard as the entity responsible for policing the UK’s data protection laws “effectively ruled that companies were right to pass information over to foreign government requests as the disclosure was made ‘in accordance with a legal requirement,’ such as FISA,” according to IOL.

“Every time we make a bridge of trust, or commit an indiscretion, using a social network or webmail, think how a foreign country could use that information for its own purposes to influence policy and politics,” Bowden said. “Drafts of documents prepared online, who is in contact with each other, all of this can be captured and analyzed using data-mining algorithms much more advanced than those offered by public search engines.”

Bowden said in his report that the threat of “heavy-caliber mass-surveillance fire-power aimed at the cloud” is actually more significant than the threat posed by cybercrime.

“What’s different about this is that it’s a power in the US authorities to insist on real-time collection of information by any data processer within US jurisdiction,” said Gordon Nardell QC, a British barrister specializing in data protection.

“The US authorities basically grab everything that is going in and out,” Nardell said.

Dutch Member of European Parliament Sophie in’t Veld, vice chair of the European Parliament’s civil liberties committee urged the European authorities to act swiftly.

“Let’s turn this around and imagine this is not the United States having unlimited access to our data but the government of Mr. Putin or the Chinese government – would we still wonder if it’s an urgent issue? Nobody would ask that question,” she said.

“I have a particular concern about UK government data,” said Liberal Democrat MP Julian Huppert. “If the Government starts to do more work on a cloud system – which is being looked at for obvious reasons – have we had assurance that the US government would not access such data as foreign intelligence information, and whether there would there have to be unambiguous consent of UK citizens?”

“If the US will not give a clear assurance about government data then we will have to stop using the Cloud, as we cannot allow that to happen,” Huppert said.

“A lot of people wouldn’t realize where data is stored, and hence wouldn’t expect to be subject to US law,” Huppert continued. “The Government has a specific responsibility for personal data, and sensitive data can be stored offshore.”

“There is a very sensible increase in the government use of cloud computing, there are excellent reasons for cloud services, however there are concerns around security and this highlights one of them,” Huppert said, according to the Independent.

“US surveillance ambitions know no bounds,” said Isabella Sankey, director of Policy for Liberty.

FULL STORY