Getting a Bill of Indictment from a Grand Jury and a search warrant from a judge are two completely different things, legally speaking.
The USG, at least some agencies, are maintaining that any email or files that are six months or older are business records, much like the electric company's usage records for your house, and only require a subpoena. The USG doesn't accept that seizing copies of your email and public cloud stored files is a search under the Fourth Amendment, and as such doesn't require a search warrant affidavit sworn to in front of a judge. From: [email protected] [mailto:[email protected]] On Behalf Of Jonathan Link Sent: Tuesday, June 04, 2013 9:21 PM To: [email protected] Subject: Re: [NTSysADM] RE: Microsoft's 'Blue' servers If a DA/US Attorney can indict a ham sandwich, getting a search warrant isn't that big a deal. On Tue, Jun 4, 2013 at 9:05 PM, Jon Harris <[email protected] <mailto:[email protected]> > wrote: I am trying to point out that not all governments will play totally by the rules. A search warrant, at least in the states, requires some proof of wrong doing along with a judges blessing. The warrant I am referring to is just a government letter saying we want access, and would potentially specify that the cloud vendor not tell their client that this is happening the agency does not even have to get a judges blessing on the search. I believe there have been a number of instances where this has happened already but I can't site any specifically. On premise data would at least be safer from that kind of thing happening. It is harder to have government agents walk up to a door of a company and tell them 'hey we demand access to all of your servers so that we can snoop around and see what you are doing' and not have a bunch of lawyers demanding to see the proof of wrong doing. A cloud vendor would not be in a position until all the legal challenges are done to tell those same government agents 'no' without incurring some liability. Once all the legal challenges are done and the cloud vendors have all the legal contracts in place and some sort of protection from the potential criminal liability then the cloud would be to some degree safer for companies to move to it. I am not condemning it's use just handing out an opinion as to this movement with less than critical thinking by SMB's. Jon _____ From: [email protected] <mailto:[email protected]> To: [email protected] <mailto:[email protected]> Subject: RE: [NTSysADM] RE: Microsoft's 'Blue' servers Date: Wed, 5 Jun 2013 00:41:35 +0000 I hate to say it but I see a lot of companies regretting the decision to jump to the web when some gov decides it can just issue a warrant and start searching that businesses digital material. What does "jumping to the web" have to do with cloud? If the authorities can get a warrant, they can just turn up at your door and seize your paper files if you insist on not having anything digital. Perhaps I'm a bit confused as to whether you're condemning (1) the use of digital media, (2) putting things onto the WWW, or (3) using a cloud provider. If it's either (1) or (2) I think you'd have a hard time convincing anyone that the risks and costs outweigh the benefits. Cheers Ken From: [email protected] <mailto:[email protected]> [mailto:[email protected] <mailto:[email protected]> ] On Behalf Of Jon Harris Sent: Wednesday, 5 June 2013 10:17 AM To: [email protected] <mailto:[email protected]> Subject: RE: [NTSysADM] RE: Microsoft's 'Blue' servers I hate to say it but I see a lot of companies regretting the decision to jump to the web when some gov decides it can just issue a warrant and start searching that businesses digital material. The IRS has been doing it with emails claiming they have the right to do it. It may not be the American gov that does this first (but I would not bet against it) and it will cost some company big time. I seem to also remember someone on the list a few months ago posting an article about a hack that allowed for cloud machines to be compromised if where were on the same hypervisor. Jon _____ From: [email protected] <mailto:[email protected]> To: [email protected] <mailto:[email protected]> Subject: RE: [NTSysADM] RE: Microsoft's 'Blue' servers Date: Wed, 5 Jun 2013 00:05:46 +0000 It won't happen overnight. But my prediction is that eventually the providers will, after grabbing the non-complex mass market, start going after industry verticals. They'll start with the low-hanging fruit (i.e. smaller firms that exist in just one jurisdiction). They'll get a bunch of lawyers, talk to regulators and so on, and start marketing a 'certified' solution for that industry - possibly with some level of indemnification. It's definitely customers who are pushing the "cloud" thing - even in some large FSI corps that I've colleagues in are pushing this. They're turning to their current outsourcers and asking "why can't I get the same flexibility/pricing/etc from you that I can get from Amazon?" "Why does it take you 6 weeks to give me a server whereas Amazon can give me one in 2 hours?" and so on. It's going to be a huge issue for HP/CSC/IBM, which is why they're scrambling to put together their own cloud offerings. VMWare's also sniffing around - touting their services business as a replacement for incumbent outsourcers. Cheers Ken From: [email protected] <mailto:[email protected]> [mailto:[email protected]] On Behalf Of James Rankin Sent: Wednesday, 5 June 2013 1:07 AM To: [email protected] <mailto:[email protected]> Subject: Re: [NTSysADM] RE: Microsoft's 'Blue' servers Hmmm, sounds like MS' approach is that they've decided that The Cloud is unavoidable, or will at least represent the "sensible choice" in future For dev and test environments, sure, and maybe smaller enterprises without regulatory requirements and/or no budget to spare for private infrastructure, but throw in any kind of data security and integrity - particularly anything that has implications related to storing information in other global jurisdictions - and I just get the feeling that it won't take off as much as everyone would have us believe. I'm also becoming less convinced of Microsoft's capability to respond to customer requirements, although to be honest that's exhibiting more in the consumer end at the moment than business. I'm not known as any kind of trend-predictor or tech commentator, though, so I'm just stating my gut feelings :-) On 4 June 2013 15:52, <[email protected] <mailto:[email protected]> > wrote: They will never position it as something you HAVE to do or else (like Google). They are developing the technology so that when you're ready, it will be ready for your needs. The Cloud leader will be the one that can show "why" it makes sense to move, not that moving is the only choice. Sent from Microsoft Surface Pro From: James Rankin Sent: Tuesday, June 4, 2013 9:33 AM To: <mailto:[email protected]> [email protected] But the expectation is that "years later" everyone will go cloud-based of some sort? I can see that not flying for a lot of orgs - if MS take the "shove it down your throat regardless" option they did with some of the Win8 features, it might change the landscape somewhat Just my ill-informed and quickly-formulated opinion :-) On 4 June 2013 15:27, Michael B. Smith <[email protected] <mailto:[email protected]> > wrote: Microsoft wants to drive you to the cloud. Some people will settle on a single version of the software and then move years later. There is no ostensible requirement to keep pace with Microsoft.
