Cloud Storage: An increasing risk?


Storing one’s data in the cloud… in other words on third party networks… has been rapidly growing in popularity, both as a backup medium and a means for providing access to data from a variety of devices. The benefits and risks have been well documented with the consensus generally coming down on the plus side. Now, a seemingly insignificant event in the U.S. has cast serious doubts over the practice.

A malware researcher based in the U.S. has been kicked off the cloud-based hosting service MediaFire after compressed and encrypted Windows patches and malware samples she stored on its site were flagged as copyrighted material. The researcher, Mila Parkour, reported on her Contagio malware blog after receiving notification that her account on MediaFire had been suspended and content she posted had been flagged and removed for violations of the U.S. Digital Millennium Copyright Act (DMCA).

The action against Ms. Parkour was instigated by a complaint from a French company called LeakID which describes itself as a “digital agency …founded by experts from the world of radio, television and Internet.” LeakID markets a service called “Leaksearch” as an “ownership tool that will alert you within seconds if your content is being pirated.”

According to Ms. Parkour, MediaFire received a notice from LeakID claiming that it was “acting on behalf of the copyright owners,” even though the owners and presumed copyrighted content weren’t named. Under the rules of the DMCA, organizations which receive notices of copyright infringement must prevent the file from being shared, regardless of the legitimacy of the complaint.

It appears the system has fallen down badly here and in the process yet another innocent party has fallen victim. Yes, a 100% mistake-proof system is nigh on impossible to achieve but it seems to me that the emphasis is all wrong. The way it stands now, if a mistake is made, the alleged infringing party has an avenue of recourse available via submitting a counterclaim but, in my opinion, that is merely shifting the onus of proof. In a society where citizens are generally considered innocent until proven guilty is it not incongruous that the opposite should apply in cases where copyright issues are concerned? Surely it should be incumbent on someone, perhaps the sites involved, to substantiate claims prior to taking any punitive action.


Apparently what we have here, compliments of the DMCA, is a law which advocates a ‘shoot now and ask questions later’ policy.

So, given the apparent potential for surrendering control and ownership of uploaded data, would you consider entrusting your personal data to the cloud?

About the Author

Jim Hillier

Jim is the resident freeware aficionado at DCT. A computer veteran with 30+ years experience who first started writing about computers and tech back in the days when freeware was actually free. His first computer was a TRS-80 in the 1980s, he progressed through the Commodore series of computers before moving to PCs in the 1990s. Now retired (aka an old geezer), Jim retains his passion for all things tech and still enjoys building and repairing computers for a select clientele... as well as writing for DCT, of course.

5 Comments

  1. Jim, with all that is available for users to have multiple backup copies, I have and cannot see why someone would want to upload secure data to a remote server, other than ones own. I’ve been taught to always verify that the saved information is readable, thus making sure it is indeed a good backup. Transmission errors are common. The software I use to burn a DVD (save information) alerts me if a problem occurred, but I prefer to check for myself if I can read the copy correctly. Even then, I’m not 100% sure the copy is trustworthy, so I make an extra different copiy. Sure this is only done for my most precious data, but, we all have precious data. Having it sit on a remote server, where it can be accessed by strangers, or better yet, scanned for digital copyright infringements, NO WAY, Mindblower!

  2. I keep thinking that I am such a Luddite for not wanting to share my data externally, out of my physical reach.
    It most certainly is a 21st-Century phobia.
    If you read the story of Aliyun Operating System (Chinese: 阿里雲), then you may really start having trust issues with/about this cloud data depository.
    RE: en.wikipedia.org/wiki/Aliyun_OS

  3. What would worry me about this report is that the French firm was able to read an encrypted file to determine that it was a copyright violation. I thought that encryption is supposed to make them unreadable.

    • Hi Charlie – Apparently, the data does not necessarily require decrypting (or reading) in order to identify it. I believe they utilize some kind of hash system to help identify copyright material. Which, in my opinion, merely increases the likelihood of mistakes being made.

      Cheers… Jim