Wikileaks: Was Amazon’s action justified?

Wikileaks: Was Amazon’s action justified?

Wikileaks has been grabbing headlines across the globe, and has divided the world into those who laud it for standing up to free speech and others who decry it as detrimental to the national security of the United States. Without being judgmental, we present some of the issues related with cloud computing that this drama has brought to light.

The Wikileaks controversy and the subsequent action taken by certain cloud computing service providers like Amazon has brought focus to the need for an industry-wide approach to service level agreements and codes of practice.

While Amazon said that Wikileaks had violated the terms of service and hence they were justified in denying service, there have also been criticism on its actions, with Dr. Joseph Reger, Chief Technology Officer for Fujitsu Technology Solutions, going on record saying,

Cloud computing’s reputation has been damaged.”

Dr. Reger said that Amazon’s action “is bad news for the new IT paradigm of cloud computing. If a provider can terminate its service that easily, then it is doing exactly what skeptics expect, putting the security and availability of cloud services into question.”

“Many potential customers for cloud computing services will, I fear, have been paying attention and will now be forced to reconsider whether they can afford to make their IT that dependent on a third party. Cloud-computing’s reputation has been damaged. For IT, this is the real tragedy,” he remarked.

Dr. Reger said that Wikileaks may have actually violated the terms of service but that was not something that Amazon should decide on, but rather a court of law. He said that this scenario had introduced a new threat to company data – while earlier they feared threats from hackers, now they would potentially fear the cloud computing Service Providers as well. He cautioned customers of cloud computing services to be extra careful when reviewing their service agreements with the providers of such services.

As for Amazon, it has responded to allegations of impropriety with the following statement on its website:

“Amazon Web Services (AWS) rents computer infrastructure on a self-service basis. AWS does not pre-screen its customers, but it does have terms of service that must be followed. WikiLeaks was not following them. There were several parts they were violating. For example, our terms of service state that “you represent and warrant that you own or otherwise control all of the rights to the content… that use of the content you supply does not violate this policy and will not cause injury to any person or entity.”

It’s clear that WikiLeaks doesn’t own or otherwise control all the rights to this classified content. Further, it is not credible that the extraordinary volume of 250,000 classified documents that WikiLeaks is publishing could have been carefully redacted in such a way as to ensure that they weren’t putting innocent people in jeopardy. Human rights organizations have in fact written to WikiLeaks asking them to exercise caution and not release the names or identities of human rights defenders who might be persecuted by their governments.

We’ve been running AWS for over four years and have hundreds of thousands of customers storing all kinds of data on AWS. Some of this data is controversial, and that’s perfectly fine. But, when companies or people go about securing and storing large quantities of data that isn’t rightfully theirs, and publishing this data without ensuring it won’t injure others, it’s a violation of our terms of service, and folks need to go operate elsewhere.

We look forward to continuing to serve our AWS customers and are excited about several new things we have coming your way in the next few months.”

By Sourya Biswas

Recovery Experts.png
Data Bed.png
Disaster Recovery Plan.png
Byod.png
Matrix
When sci-fi films like Tom Cruise’s Oblivion depict humans living in the clouds, we imagine that humanity might one day leave our primitive dwellings attached to the ground and ascend to floating castles in the ...
Gilad David Maayan
What is Zero Trust Network Access (ZTNA)? In a zero-trust security model, all user connections are authenticated, and users only receive the access and privileges they need to fulfill their role. This is very different ...
David Loo
The Long-term Costs of Data Debt It’s no secret that many of today’s enterprises are experiencing an extreme state of data overload. With the rapid adoption of new technologies to accommodate pandemic-induced shifts like remote ...
Mitigation Security
Data scraping solutions When people hear the term data scraping, their first thought is often about how companies use this technology for competitive reasons – specifically to pull publicly-available data from millions of websites in ...
Jen Klostermann
The Fintech Landscape The Nitty Gritty Although the COVID-19 pandemic has highlighted its existence, most of us have been using fintech in some form or another for quite some time. It’s a big part of ...
  • Plural Site

    Pluralsite

    Pluralsight provides online courses on popular programming languages and developer tools. Other courses cover fields such as IT security best practices, server infrastructure, and virtualization.

  • Isc2

    ISC2

    (ISC)² provides IT training, certifications, and exams that run online, on your premises, or in classrooms. Self-study resources are available. You can also train groups of 10 or more of your employees. If you want a job in cybersecurity, this is the route to take.

  • App Academy

    App Academy

    Immersive software engineering programs. No experience required. Pay $0 until you're hired. Join an online info session to learn more

  • Cybrary

    Cybrary

    CYBRARY Open source Cyber Security learning. Free for everyone, forever. The world's largest cyber security community. Cybrary provides free IT training and paid IT certificates. Courses for beginners, intermediates, and advanced users are available.