PRISM is the latest buzzword. That similar should happen in Germany too, causes to worry. Despite that this interview was published in the German Manager Magazin, it seems to be a little lost in the rest of the German media landscape, unfortunately. Because in Germany we are also on the way to integrate interfaces for monitoring cloud solutions. Developed and promoted by the University of Furtwangen!
Third-party organizations should be able to check data streams
In an interview with the Manager Magazin under the apparently innocuous title “SAFETY IN CLOUD COMPUTING – “The customer come off second best” says Professor Christoph Reich of the computer science department at the University of Furtwangen and director of its cloud research center: “We want to define interfaces that third party organizations get the opportunity to review the data streams.”
This statement was in response to the question of how it can be technically realized that some kind of accountability chain to be set up that works across vendors. This has the background, that the property can be transferred, so that personal data are particularly well protected. For this reason, these accountability chain must not break if another provider comes into play.
So far so good. However, it will be exciting. In the subsequent question by the Manager Magazin:
“Would also the federal government be a potential customer? German law enforcement agencies even ask for a single interface to monitor cloud communications data in real time.“
Professor Reich answers:
“In principle this is going in this direction. But a judicially actionable verifiability looks very different. If you want to record evidential data, you need special memory for that, these are very expensive. We want to give customers the opportunity to get visualized where their data are.“
Regardless that the University of Furtwangen do not have this “special memory”, but certainly a government organization. And as long as the interfaces are available, the data can be captured and stored at a third location.
Cloud computing lives from the trust
I already wrote about it three years ago “Cloud computing is a question of trust, availability and security“. The University of Furtwangen would also like to create more trust in the cloud with their “surveillance project”.
I just wonder how to continue building confidence, if you want to integrate interfaces for the potential (government) monitoring of data streams in cloud solutions?