Cloud (service): Difference between revisions
→Examples: AI examp |
I indeed meant ToS but I guess I really wanted to link this to something |
||
Line 34: | Line 34: | ||
A service provider requires some level of access to the data it processes. Unless access to the service is engineered on consumer's side to minimize such access (e. g. end-to-end encryption), all of the processed data is visible to the service provider<ref name=":0" />, where it can be leaked as a result of a cybersecurity incident or used for purposes to which consumers did not consent (such as included in machine learning datasets{{Citation needed}} or sold to advertising companies{{Citation needed}}). | A service provider requires some level of access to the data it processes. Unless access to the service is engineered on consumer's side to minimize such access (e. g. end-to-end encryption), all of the processed data is visible to the service provider<ref name=":0" />, where it can be leaked as a result of a cybersecurity incident or used for purposes to which consumers did not consent (such as included in machine learning datasets{{Citation needed}} or sold to advertising companies{{Citation needed}}). | ||
Providers may offer some access controls for the data they possess and process, but most of the time they are also the ones enforcing them, which renders them ineffective for restricting providers' access due to a conflict of interest. There may be legally binding promises of effectiveness of these controls in | Providers may offer some access controls for the data they possess and process, but most of the time they are also the ones enforcing them, which renders them ineffective for restricting providers' access due to a conflict of interest. There may be legally binding promises of effectiveness of these controls in their terms of service, but violations of policies established through these controls are difficult to detect and legal enforcement is difficult in general. | ||
===Less legal protection=== | ===Less legal protection=== |