Steve Gantz writes:
… From a legal standpoint, it appears that while many opinions exist on how privacy can be protected in the cloud, who should ultimately be responsible for that protection, and how law enforcement agencies and other government entities should treat cloud environments, there are more unresolved issues than there are settled ones. One significant area that serves as an example of the inability of legislation and jurisprudence to keep up with the rapid pace of technological evolution is the extent to which reasonable expectations of privacy will apply to data stored in the cloud. A large proportion of seemingly relevant jurisprudence has considered privacy protections only in the context of emails, text messages, and other online methods of communication, but no substantial case law exists that addresses general personal information stored in the cloud, which by its nature cannot necessarily be viewed analogously to data stored in file folders on hard drives owned or maintained by the parties to whom the data belongs. One of the more comprehensive treatments of this topic comes in the form of an article published in the Minnesota Law Review last year by David A. Couillard, then a third-year law student, that provides an analysis of privacy expectations in the cloud in the context of Fourth Amendment principles and case law. Couillard’s article examines the reasoning applied by various federal courts in determining the reasonableness of privacy expectations associated with personal possessions, computers, and various forms of communication, and concludes with a set of recommendations on how courts might apply Fourth Amendment precedents to cloud computing.
Read more on Security Architecture.