Archive 360 Email Archive Migration Blog

How Apple's Fight with the FBI Affects Your Data Migration Plans

Posted by James McCarthy, Esq. on February 19, 2016

How Apple's Fight with the FBI affects your data migration plansThe United States and the global technology community are engaged in a fight over national security and privacy, with national security winning the last round against Apple. On February 16, 2016, a United States federal judge directed Apple to assist the Federal Bureau of Investigation (FBI) by creating software to operate as a “back door” to bypass its own encryption protections on the ubiquitous iPhone.[1] In a case involving the FBI’s investigation of a tragic shooting in California, Apple’s CEO, Tim Cook, quickly issued a public rebuke of the Order. Citing Apple’s concerns that the tool they have been ordered to create is a ”key to an encrypted system…that unlocks the data, and…[O]nce the information is known, or a way to bypass the code is revealed, the encryption can be defeated by anyone with that knowledge. Once created, the technique could be used over and over again, on any number of devices. In the physical world, it would be the equivalent of a master key, capable of opening hundreds of millions of locks — from restaurants and banks to stores and homes.”[2]

Data Migration is an Immediate Issue Because of "Staging" on Third Party Servers 

Despite an anticipated legal challenge by Apple, this latest ruling presents an immediate issue for not only all US companies but all EU and EMEA companies engaged in data migration projects with US vendors. Most tools used by data migration companies operate by way of copying or moving a customer’s data to their own servers (or worse, servers they rent from third parties). This process is known as ”staging” This practice places personal and business information created in the EU/EMEA within the jurisdiction of US authorities because the data is transported to US servers (not necessarily servers physically located in the US) during the migration process. As Apple’s CEO warns, the ruling is not limited to any particular device and translates into a virtual all access window to stored data by US authorities (and any hackers) using the “master key”, despite state of the art encryption methods.

Inconsistent Rulings Affect Data Migration & Privacy 

Companies are still reeling from last year’s inconsistent rulings in two cases affecting the transport of data across borders. In one case, US authorities were granted access to EU resident data stored by Microsoft in a data center located in Ireland.[3] In the Schrems case, however, the EU ruled that companies may be subject to sanctions if such personal data of EU residents is not protected from the reach of U.S authorities. [4] The latest ruling this week now jeopardizes progress made in the negotiations toward a "EU-US Privacy Shield” designed to strike a deal between protecting data privacy of EU residents and US companies’ ability to transport data across borders. This deal became necessary after the EU struck down the Safe Harbor Agreement as a result of the Schrems case.

Companies Should Minimize Risk by Avoiding Third Party Servers

Clearly this is a highly fluid situation and companies need to minimize risk here, given the uncertain state of affairs with data privacy. Aside from the obvious concerns with data being stored (even temporarily) on a third party’s server, the recent rulings make it that much more critical to be aware of these ongoing data privacy issues. For companies engaging a data migration company, the solution is simple: demand a migration tool that does not house data on third party or vendor servers.

Archive360 Data Migration Tools Don't Use Third Party Servers

Archive360’s migration tool is already the fastest in the industry by far [5] and does not utilize any third party servers either during the migration process. All of your information is migrated to the target destination directly from your server environment, without replicating the data on a second server. Bottom line: when you use Archive360, the deal will not get hung up in your legal department waiting to figure out how to handle the privacy issues and data breaches that other companies’ practices introduce. Simply stated, Archive360 is the fastest and most secure product for your company’s migration.

 As the industry leader in email archive migrations, Archive360 has extensive experience of assisting corporations in migrating custodial data (both active and archived) to new locations, in compliance with US, EU & EMEA privacy laws. For more information: www.archive360.com or info@archive360.com.

Learn more about Archive360's Data Migration Integrity 

 Request a Demo of Archive2Anywhere

Resources

[1] In the Matter of a search of an Apple Iphone seized during… Docket No ED-15-0451M, Central Dist. of California ]

[2] See Apple CEO Tim Cook’s Statement Feb 16, 2016 http://www.apple.com/customer-letter/

[3] In the Matter of a Warrant to Search a Certain E-mail Account

Controlled and Maintained by Microsoft Corporation, Docket 14-2985 (US Ct. App, 2d Cir 2015)

[4] Maximillian Schrems v. Data Prot. Comm’r (E.C.J. 2015); See also Statement by EU found at http://ec.europa.eu/justice/data-protection/article-29/press-material/press-release/art29_press_material/2016/20160203_statement_consequences_schrems_judgement_en.pdf

[5] See PRNewswire/NEW YORK –Jan. 14, 2016- Archive360; 6.2 petabytes transferred in FY2015 representing 2.2 million users and 80 billion emails with 99.9% accuracy rate.

Topics: Data Privacy

Subscribe to Our Blog