Can Kim Dotcom’s cloud be trusted?

This time Kim Dotcom has gone to great lengths to build a respectable business.

Dotcom and his lawyers have hit on a formula that looks squeaky clean. If anything naughty is stored on his Mega servers employees can legitimately hold up their hands and say “it wasn’t me”.

Hiring high profile InternetNZ boss Vikram Kumar to head the new operation was a public relations masterstroke, at least in New Zealand.

Months of writing about cloud computing from a business perspective have taught me cloud provider must be trustworthy. The same logic applies for personal data as for business data. As Dotcom’s Megaupload customers discovered, if a cloud operation is suddenly stopped, data cannot be retrieved.

On the surface the 50GB of free file storage looks like too good a deal to pass. But can we trust Dotcom and his new Mega organisation with our data?

In this case, that question is almost irrelevant. Dotcom’s business may or may not be trustworthy. It may even be financially stable*. Mega may respect the law. The problem is governments in Washington, Wellington and elsewhere don’t.

Last year’s raid was, at best, legally questionable. The indictments are also questionable. That didn’t stop governments closing Dotcom’s earlier cloud service and confiscating his assets.

Your data security is more dependent on the whim of the US government than it is on the integrity of Kim Dotcom and Mega.

For now at least, The US government appears happy for you to store the same files on Amazon, Apple, Microsoft, Dropbox or any of dozens of other cloud services.

In this case the question of trust isn’t about Mega but the US government.

* Mega may be financially sound, but if I was doing real due diligence, that’s where I’d look first when assessing the risks.

9 thoughts on “Can Kim Dotcom’s cloud be trusted?

  1. You’d need rocks in your head to entrust valuable data to Mega, for all the reasons you mentioned and probably more. It could only make sense for doing dodgy things with stuff you don’t own.

    • Why is that? Why do I have to be doing something illegal to not want to be spied on?
      As Bill says, MegaUpload was a one-of-many service that only went down because the US gov’t decided it should. Can you honestly say Rapidshare, et al had no illegal content on them?

      It is very important, as Bill said, that companies trust where their data is going and that they are the only ones who can see it. Years of financial records or email records etc mean confidentiality is needed.

      • The point I was making was that you wouldn’t entrust your valuable data to Mega, because you couldn’t be confident the service would remain functioning. But using Mega for dodgy activities would be less of a problem for people with such inclinations because such activities usually don’t involve data you can’t afford to lose.

      • I would trust them, but as any good net citizen I would diversify and have backup solutions so I don’t lose anything. It could be great if the API was right for a distributed, encoded backup solution via local storage, server storage, Mega and maybe another third party. Mega would help with secure remote access where encoded data is stored on there and downloaded, decoded, and backed up on server and then dispersed to other end-points. It could be a good secure gateway/backup for your data.

  2. It is such a shame that a legitimate business has to worry about whether the gov’t wants them to be in business or not. MegaUpload and Aaron Swartz have shown how far they will go to further their own selves over the law or morals. But how do you combat it if working within the law doesn’t help you? Money and bribery?

  3. I act for Mega so am hardly independent in this discusison but, as an information point, I note Mega’s data storage servers are not located in the US and (I am proud to say) it uses a .co.nz domain name. Server location and US registry based domain names (e.g. .com) seem to have been the attack vectors most commonly used by US authorities in pre-emptive take downs of web businesses.

      • I’m with you Bill, and don’t think having .co.nz or not being served in the US will stop them. I wish you luck Rick, fight the secure fight.

  4. Pingback: Can Dotcom kickstart NZ tech? | Bill Bennett

Comments are closed.