"US authorities could access the metadata of public cloud users, even if they use the sovereign offering of an American hyperscaler. According to a Dutch legal firm, the Americans cannot access customer data on the AWS European Sovereign Cloud, although the same cannot be said about all metadata. At what point does customer data become metadata? And what could one learn about cloud users based on the metadata they leave behind, even if their 'personal' data appears to be secure?"
"Metadata is always difficult to define. In fact, it is effectively infinite, because information about information can occur in any and all forms. It forms the basis for search engines and administrative processes. In addition, it is useful for monitoring IT systems. This is why hyperscalers, whether they are called AWS, Google Cloud, or Microsoft Azure, retain access to certain metadata."
"Service-generated data concerns traffic patterns and logs about usage for health monitoring. Google Cloud does roughly the same thing with Admin Activity and Data Access audit logs. At AWS, telemetry is discussed in the same way that the other two cloud giants talk about metadata. The company collects this data to "understand how features are used and to improve our services." There are opt-outs for AI training and user behavior, but not for telemetry for packet routing and billing."
US authorities may gain access to certain metadata produced by cloud services even when customers use European sovereign cloud offerings from American hyperscalers. Customer content may remain protected, but operational and diagnostic metadata such as capacity metrics, system health, deployment counts, IP addresses, client locations, routing information, traffic patterns, and audit logs can be collected and, in some cases, leave Europe. Hyperscalers retain metadata for management, monitoring, fraud detection, and improvement of services. Distinctions between metadata types vary by provider, and opt-outs exist for some uses but often exclude telemetry needed for routing and billing.
Read at Techzine Global
Unable to calculate read time
Collection
[
|
...
]