- freely available
Algorithms 2017, 10(2), 47; https://doi.org/10.3390/a10020047
1. Introduction: Trust, Hope, or Desperation? Records in the Cloud
The data stored in the cloud—estimated to be in the range of 10 zettabytes (ZB) by 2019—include critical records that enable individuals, businesses, and even governments to continue functioning, such as identity and vital statistics records, bank and financial records, contracts, ownership and land records, and records related to the Internet of Things. Ensuring the continuing security, accessibility, and trustworthiness of these records is no small feat. Thus, cloud-based recordkeeping has become an entrenched part of many—if not most—people’s and organizations’ practices, often undertaken without a rigorous examination of the trustworthiness of the Cloud Services Providers (CSP) given charge over the records, and of their practices. Instead, “preserving information in the Cloud may be a black box process in which we know, at least ideally, what we put in for preservation, and we know what we want to access and retrieve—essentially the same things we put in—but often we do not know what technology is used by the CSPs to manage, store, or process our information” .Within the next three years, […] more than four-fifths of all data center traffic, 83 percent, will be based in the cloud. What’s more, most of this action will be going to public cloud services—there will be more workloads (56 percent) in the public cloud than in private clouds (44 percent).—J. McKendrick 
2. Materials and Methods: The Archival Paradigm for Trusting Records
In order to conduct affairs, and in the course of conducting affairs, certain documents are created to capture the facts of the matter or action for future reference, to extend memory of deeds and actions of all kinds, to make it enduring. Inherent in this conception of the document’s capacity to extend memory, to bear evidence of acts forward in time, is a supposition about the document’s relation to fact and event or act. The matter at hand, the thing being done, produces the document, which then stands as a vehicle or device to access the fact and act. Documents of this type then came to be regarded as having what jurists called full faith or public faith—or, as we would say, as possessing trustworthiness as evidence of fact and act-if they were preserved in an appointed place according to fixed and well understood administrative procedures.—T. Eastwood 
3.1. Privacy and Data Protection: Old Regimes in a New Age
Privacy is a concept in disarray. Nobody can articulate what it means. As one commentator has observed, privacy suffers from “an embarrassment of meanings.” Privacy is far too vague a concept to guide adjudication and lawmaking, as abstract incantations of the importance of “privacy” do not fare well when pitted against more concretely stated countervailing interests.—D. J. Solove (, pp. 477–478).
Natural persons may be associated with online identifiers provided by their devices, applications, tools and protocols, such as Internet protocol addresses, cookie identifiers or other identifiers such as radio frequency identification tags. This may leave traces which, in particular when combined with unique identifiers and other information received by the servers, may be used to create profiles of the natural persons and identify them.—(, Section 30)
[P]ersonal data, or personally identifiable information, is scattered among the rest of a business corporate data and bundled off to unidentifiable server farms. The issue, labelled as “storage strategy”, or “choice between on-premises, cloud and hybrid cloud”, is handled by back office: as a result the scale of the personal data flows problem is often hidden from the only decision makers in the boardroom who have the authority to make that call and take that risk.—C. Rustici (, p. 9).
3.2. Data Localization and Data Portability: A New Regime for Old Problems
4. Challenges for Algorithmic Research
Conflicts of Interest
- McKendrick, J. Public Cloud Computing Growing Almost 50 Percent Annually, Cisco Says; Forbes: New York, NY, USA, 2016. [Google Scholar]
- Duranti, L.; Thibodeau, K.; Jansen, A.; Michetti, G.; Mumma, C.; Prescott, D.; Rogers, C. Preservation as a Service for Trust (PaaST). In Security in the Private Cloud; Vacca, J.R., Ed.; CRC Press: Boca Raton, FL, USA, 2016; pp. 47–72. [Google Scholar]
- Quadir, S. Bangladesh Bank Exposed to Hackers by Cheap Switches, No Firewall: Police; Reuters: New York, NY, USA, 2016. [Google Scholar]
- Fox-Brewster, T. Shadow Brokers Give NSA Halloween Surprise with Leak of Hacked Servers; Forbes: New York, NY, USA, 2016. [Google Scholar]
- Director of National Intelligence. Joint Statement from the Department of Homeland Security and Office of the Director of National Intelligence on Election Security; Office of the Director of National Intelligence: Washington, DC, USA, 2016.
- Duranti, L.; Rogers, C. Trust in Online Records and Data. In Integrity in Government through Records Management: Essays in Honour of Anne Thurston; Lowry, J., Wamukoya, J., Eds.; Ashgate: Farnham, UK, 2014; pp. 203–216. [Google Scholar]
- Duranti, L.; Rogers, C. Trust in Digital Records: An Increasingly Cloudy Legal Area. Comput. Law Secur. Rev. 2012, 28, 522–531. [Google Scholar] [CrossRef]
- Cross, F.B. Law and Trust. Georget. Law 2004, 93, 1458–1545. [Google Scholar]
- Eastwood, T. What is Archival Theory and Why is it Important? Archivaria 1994, 37, 122–130. [Google Scholar]
- Duranti, L. Reliability and Authenticity: The Concepts and Their Implications. Archivaria 1995, 39, 5–10. [Google Scholar]
- InterPARES Trust. Available online: https://interparestrust.org/ (accessed on 13 January 2017).
- Pearce-Moses, R.; Duranti, L.; Michetti, G.; Andaur, S.B.H.; Banard, A.; Barlaoura, G.; Chabin, M.-A.; Driskill, M.; Owen, K.; Pan, W.; et al. InterPARES Trust Terminology Database. Available online: http://arstweb.clayton.edu/interlex/term.php?term=trust (accessed 13 January 2017).
- Duranti, L. What Will Trustworhty Systems Look Like In The Future? In Building Trustworhty Digital Repositories: Tehory and Implementation; Bantin, P.C., Ed.; Rowman & Littlefield: Lanham, MA, USA, 2016; pp. 336–350. [Google Scholar]
- Koops, B.-J.; Newell, B.C.; Timan, T.; Skorvanek, I.; Chokrevski, T.; Galic, M. A Typology of Privacy. Univ. Pa. J. Int. Law 2017, 38, 483–575. [Google Scholar]
- Solove, D.J. A Taxonomy Of Privacy. Univ. Pa. Law Rev. 2006, 154, 477–564. [Google Scholar] [CrossRef]
- Whitman, J.Q. The Two Western Cultures of Privacy: Dignity versus Liberty. Yale Law Soc. 2004, 113, 1151–1221. [Google Scholar] [CrossRef]
- Garner, B.A.; Black, H.C. Black’s Law Dictionary; Wet: Saint Paul, MI, USA, 2009. [Google Scholar]
- Gilbert, F.; Privacy, V. Data Protection. What is the Difference? Francoise Gilbert On Privacy, Security, and Cloud Computing, 1 October 2014. Available online: http://www.francoisegilbert.com/2014/10/privacy-v-data-protection-what-is-the-difference/ (accessed on 13 January 2017).
- Government of Canada. Privacy Act, RSC 1985, c P-21. Available online: http://laws-lois.justice.gc.ca/PDF/P-21.pdf (accessed on 27 April 2017).
- 45 CFR Part 160.102—General Administrative Requirements. Available online: https://www.law.cornell.edu/cfr/text/45/160.102 (accessed on 27 April 2017).
- Government of Canada. Personal Information Protect Act, SA 2003, c P-6.5. Available online: https://www.canlii.org/en/ab/laws/stat/sa-2003-c-p-6.5/latest/sa-2003-c-p-6.5.html (accessed on 27 April 2017).
- Yuvasri, P.; Boopathy, S. A Method for Preventing Discrimination in Data Mining. Int. J. Adv. Res. Comput. Eng. Technol. 2014, 3, 1541–1546. [Google Scholar]
- Barocas, S.; Selbst, A.D. Big Data’s Disparate Impact. Calif. Law Rev. 2016, 104, 671–743. [Google Scholar]
- Pasquale, F.; Citron, D.K. Promoting innovation while prevenitng discrimination: Policy goals for the scored society. Wash. Law Rev. 2014, 89, 1413. [Google Scholar]
- Citron, D.K. Cyber civil rights. Boston Univ. Law Rev. 2009, 89, 61–62. [Google Scholar]
- Corrigan, H.B.; Craciun, G.; Powell, A.M. How does Target know so much about its customers? Utilizing customer analytics to make marketing decisions. Mark. Educ. Rev. 2014, 24, 159–166. [Google Scholar]
- Tene, O.; Polonetsky, J. Judged by the Tin Man: Individual Rights in the Age of Big Data. J. Telecommun. High Technol. Law 2013, 11, 351. [Google Scholar]
- Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the Protection of Natural Persons with Regard to the Processing of Personal Data and on the Free Movement of Such Data, and Repealing Directive 95/46/EC (General Date Protection Regulation). Available online: http://ec.europa.eu/justice/data-protection/reform/files/regulation_oj_en.pdf (accessed on 27 April 2017).
- Stewart, J.M.; Chapple, M.; Gibson, D. CISSP: Certified Information Systems Security Professional Study Guide; John Wiley & Sons: Indianapolis, IN, USA, 2012. [Google Scholar]
- Rustici, C. GDPR: The Functional Specifications of EU-Grade Privacy; O’Reilly Media: Sebastopol, CA, USA, 2016. [Google Scholar]
- Mishra, N. Data Localization Laws in a Digital World: Data Protection or Data Protectionism? Public Sphere: J. Public Policy 2016, 2016, 135. [Google Scholar]
- Bohaker, H.; Austin, L.; Clement, A.; Perrin, S. Seeing through the Cloud: National Jurisdiction and Location of Data, Serves, and Networks Still Matter in a Digitally Interconnected World; University of Toronto: Toronto, ON, Canada, 2015. [Google Scholar]
- Dingman, S. Microsoft Opens Cloud Services to Select Canadian Clients with New Data Centres; The Globe and Mail: Toronto, ON, Canada, 2016. [Google Scholar]
- Duranti, L.; Rogers, C. Educating for trust. Arch. Sci. 2011, 11, 373–390. [Google Scholar] [CrossRef]
© 2017 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (http://creativecommons.org/licenses/by/4.0/).