9号彩票开户

关注微信  |  微博  |  腾讯微博  |  RSS订阅
读者QQ群③:168129342,投稿请发dashuju36@qq.com
我要投稿

我的个人数据不得不存在中国的服务器上,怎么办?

个人数据

编者按:保罗·罗森维格(Paul Rosenzweig)是全球安全咨询公司The Chertoff Group高级顾问,还曾担任过美国国土安全部负责政策事务的副助理部长。The Chertoff Group主要为信息安全领域的企业客户提供咨询服务,包括云计算服务。

在确定由谁控制云数据的问题上,云数据的存储地点正变得越来越重要。虽然全世界有不少人对美国的数据存储充满担忧,不过如果保存在其他国家,情况可能会更加糟糕。例如,想象一下,如果你将个人数据存储在中国的云端服务器上,那会发生什么事情。这个国家向来以对美国企业实施网络攻击而著称。但不久以后,你就不用再去想象这种状况了,因为一切都将成为现实。

在过去一年间,全球云计算行业始终处于动荡之中,这主要缘于爱德华·斯诺登(Edward Snowden)对美国“棱镜”监控项目的披露。一个被反复提及的话题是,人们对数据本地化(data localization)的要求越来越迫切,也就是说,数据必须存储在某个国家,这样一来,它就要受到这个国家法律和司法管辖权的制约。有些人还将数据本地化看作是防止别国对本国人民实施监控的一个办法。

由于这些担忧,在欧洲和巴西已有一些议员提议必须在本土保存数据。在美国,对于政府要求访问存储在公司海外服务器上的数据的做法,微软则据理力争,坚决抗争。简而言之,根据整个行业的发展潮流,最终将形成一种惯例,即云数据存储的物理地点将定义控制这些数据的人。

迄今为止,这场斗争主要在西方国家上演,外界对制订有利于公民自由和消费者隐私的法规的呼声越来越强烈。但这并不是要求执行数据本地化的唯一理由。越来越多的专制国家正利用数据本地化来满足自己的私欲——作为控制本国民众、维持现状及维护专制垄断权力的一种手段。出于本能,在专制国家开展业务的一些西方国家企业坚决抵制这种要求,但为了能在专制国家继续运营,这些企业往往会接受数据本地化的条件。

苹果最近在中国的遭遇就颇具警示作用。据报道,苹果已经同意使用中国境内服务器在中国保存iCloud数据。在公开场合,苹果装出一副若无其事的样子,称数据保存于中国境内服务器意在“增加带宽”,提升中国大陆客户的体验。也许如此吧。但行业观察家对这种解释持怀疑的态度。

毕竟,中国政府之前曾公开表示,担心苹果将数据存储于海外服务器的做法可能对中国国家安全构成威胁,给美国国家安全局(NSA)实施监控以可乘之机。虽然这种说法可能只是一个幌子,但是中国却可以借此推进本国政策议程。根据中国法律规定,出于安全方面的考虑,当地银行和电信运营商必须将数据存储于境内——同时还可以作为监控本国公民的一种手段。苹果同意将数据保存于中国境内服务器上,就属于这种更大的潮流的一部分。

诚然,苹果表示会对保存于中国电信运营商服务器上的数据进行加密处理,但我们知道由云服务商提供的加密措施的有效性仅仅等同于它抵制政府解密要求的能力。在西方国家,这些要求必须按照法律程序办,云服务提供商可以向持中立立场的司法部官员对这种做法提出抗议。但在中国这样的国家,要求解密的法令往往只是走过场。因此,所谓的加密承诺,最理想的情况下也不过起到一个适度“路障”的作用,在最糟糕的情况下,这种承诺只能是痴心妄想。

从纯粹的商业角度看,苹果的决定是完全可以理解的。当全世界人口最多的国家将某种要求作为市场准入条件的时候,你让一家公司奋起反抗,这完全是不现实的,无异于螳臂当车之举。

不过,苹果同意将数据存储于中国境内服务器所带来的后果需要仔细研究。对于那些到中国出差的大多数公司高管而言,将个人电子数据留在国内已经成为最常见的应对手段。但在此之前,这些高管担心的主要是怀疑自己的电子设备被政府机构的黑客安装了恶意软件,或是电子设备上存储的知识产权被窃取。

如今,对于中国境内的苹果用户来说,数据存储结构已经取消了“中间人”这一环节。上传至iCloud的数据容易遭到破解,同时还无需通过安装恶意软件进行渗透。那些带着iPhone或iPad前往中国的用户,他们的数据可能在中国政府的授意下,由中国电信运营商的服务器直接拷贝。

对于那些自带设备到中国旅行的美国政府官员来说,数据遭窃的威胁尤其严重。自带设备(BYOD)的益处是,这可以给他们的出行带来很大的便利。但对于政府官员而言,即便是看似微不足道的个人数据被窃,最终都有可能带来负面影响。遗憾的是,苹果的决定意味着美国人自带设备到中国旅行的时代注定成为历史。

如果说中国以前在恶意活动方面是“西部荒原”的话,那么它现在正成为一个数据存储与利用的“封闭式商店”。数据本地化潮流正日益演变为有利于专制政权的非正常状况。最终,互联网自由和隐私将反受其害。(翻译:皓岳)

英语原文:

Editor’s note: Paul Rosenzweig is a senior adviser to The Chertoff Group, a global security advisory firm that advises clients on information security, including cloud computing, and former Deputy Assistant Secretary for Policy at the U.S. Department of Homeland Security.

Where your cloud data is stored is, increasingly, critical to determining who controls it. Though many around the globe have become concerned about data storage in the United States, there are worse alternatives. Imagine, for example, if your personal data were stored on a cloud server in China, a nation-state actor well known for conducting cyber espionage against U.S. businesses and surveillance of its own population. Soon, you will not have to imagine any longer – that will be reality.

For the past year, the world of cloud computing has been in a state of turbulence, mostly caused by the various Edward Snowden revelations about American surveillance activities. One of the recurrent topics is the growing requirement for data localization – that is, the idea that data must be stored in a particular geographic location so that it is subject to the laws and jurisdiction of that country. The localization requirement is thought by some to be a way of resisting external surveillance by other nations.

Because of these concerns, there have been proposals in Europe and Brazil to require the domestic storage of data. In a related effort in the United States, Microsoft is fighting a battle to resist American government efforts to access data stored on Microsoft servers overseas. In short, the trend is, haltingly, toward a rule that where your cloud data is physically stored defines who controls it.

Thus far that battle has, principally, been a struggle within Western countries and couched as a question of law for the benefit of civil liberties and consumer privacy. But that’s not the only reason data storage requirements are being implemented. More authoritarian countries are using data localization to their own ends – as a means of control over civilian populations; continuing the status quo; and maintenance of a despotic monopoly on power. Though Western companies doing business in authoritarian states instinctively resist these requirements, in the end, data localization in a repressive country is often the cost of doing business.

Apple’s recent experience in China is a cautionary tale. According to TechCrunch, Apple has agreed to use Chinese-based servers to store iCloud data in China. In public, Apple put a brave face on the move, asserting that Chinese-based data storage is intended to “increase bandwidth” and “improve performance” for its mainland China customers. Perhaps so. But observers are justifiably skeptical.

The Chinese government, after all, has voiced national security concerns about Apple’s overseas storage of data, raising the specter of NSA surveillance. While a useful sham, these expressed concerns allow China to advance its own domestic policy agenda. Chinese law already requires the domestic storage of local bank and telecom data for security purposes – and as a means of monitoring the domestic population. Apple’s agreement to domesticate its data in China is part of that larger trend.

To be sure, Apple says it encrypts the data that it stores on Chinese telecom servers. But we know that encryption by a cloud service provider is only as effective as its ability to resist government demands for decryption. In Western nations, those demands typically come in the form of legal process where the cloud service provider has an opportunity to protest before a neutral judicial officer. In more despotic systems, like China, the decryption order will often take a more coercive form. Hence the promise of encryption is, at best, a modest road block and, at worst, a chimera.

Apple’s decision is, as a business matter, completely understandable. When the largest country in the world demands particular structures as a condition of market access, it is unreasonable to expect any corporate actor to resist.

Nevertheless, the consequences of Apple’s move to domestic storage need to be carefully examined. It is already standard policy for most corporate executives traveling to China to leave their personal electronics at home. But until now the concern has been with the surreptitious installation of malicious software and the theft of intellectual property by semi-official government hackers.

Now, for Apple users in China, the architecture of the data storage has cut out the middleman. Data uploaded to the iCloud is vulnerable to exploitation without the need for malicious infiltration. Instead, users who bring their own iPhones or iPads may have their data copied directly from Chinese telecom servers at the behest of the Chinese government.

The vulnerability is particularly acute for U.S. government officials who bring their own devices to China for personal use. The temptation, as always, is the convenience of a readily accessible device. But for the unsuspecting government official, even the compromise of seemingly insignificant personal data can, in the end, have adverse impacts. Sadly, Apple’s decision means that BYOD in China must end.

Whereas China was previously a “wild west” of malicious activity, it is becoming a “closed shop” of digital storage and exploitation. The trend toward data localization increasingly metastasizes into aberrant pathologies that support authoritarian regimes. And, in the end, Internet freedom and privacy suffer.

via:TC

End.

转载请注明来自36大数据(36dsj.com):36大数据 » 我的个人数据不得不存在中国的服务器上,怎么办?

36大数据   除非特别注明,本站所有文章均不代表本站观点。报道中出现的商标属于其合法持有人。请遵守理性,宽容,换位思考的原则。

评论 抢沙发

  • 昵称 (必填)
  • 邮箱 (必填)
  • 网址
友情链接:港龙彩票  北京赛车pk拾投注技巧  北京赛车pk拾分析软件  易发彩票  创元彩票  

免责声明: 本站资料及图片来源互联网文章,本网不承担任何由内容信息所引起的争议和法律责任。所有作品版权归原创作者所有,与本站立场无关,如用户分享不慎侵犯了您的权益,请联系我们告知,我们将做删除处理!