A Trail of Bread Crumbs in the Cloud:  Metadata.

Feb 25, 2014 | Cloud Computing, Data Privacy

What is Metadata?

Metadata is the extra information added to or imbedded in the users’ input. An example would be when you take a picture and the location is automatically attached to the photo. This is great when you want to organize your personal photos by date or location. However, it might not be great if someone wants to be sure you are away on vacation-somewhere far away-so they can steal from your home. It would be easy for a thief to connect with his or her victims on social media, watch the GPS coordinates of posts and take advantage of opportunities. It also takes the guess work out of stalking someone. Or maybe a more common use of this type of information would be when an employer sees a post from Cancun after the employee is out “sick”.

Metadata is not only in pictures and includes more than just location information. Metadata is in the documents you write. Edits, number of prints, names of editors, dates and number or times a document was opened are all automatically recorded as well. You can opt to hide this information, but I’m not so sure it wouldn’t be recoverable.

Metadata in the cloud

Now that you have an understanding of metadata, you ask, “so what”?  You are probably thinking, “no problem, I just won’t post pictures online until I am home.”  Well, not so fast. Let’s say that you take all of your pictures with your iPhone and store them in the cloud whether it is iCloud or Dropbox etc. You will have metadata in the cloud. The location of your pictures is discoverable and recorded.

To a lot of people, this seems like a non-issue because they have nothing to hide. As a lawyer using the cloud, you should be aware of metadata being left behind which reveals a client’s identity or other types of privileged information. Typically, the presence of a third party destroys the attorney-client privilege. When using the cloud, is there an assumption of a third party? Even after removing your information from the cloud, could you ever ensure that the metadata won’t show up in someone else’s hands? Because there seems to be a trail of breadcrumbs left behind, should attorneys have an expectation of confidentiality during or after using the cloud? Even if you opted to hide the metadata, I don’t think you could be sure you have privacy in the cloud.  At least not yet…

Metadata in documents

Have you been in possession of a document and noticed it was authored by a stranger? You had no direct contact with the stranger, and yet the stranger’s name is in listed in properties of your document. This type of information could be very useful or very harmful to you in an adversarial proceeding. A history of changes to the document might also be visible. Knowing this type of information can be embedded in the document can help you know where to look for clues. You should also be mindful of the metadata when you send documents to others; be sure you know exactly what information you are sending.

Be aware that your documents have metadata embedded and if necessary. If you don’t want to include metadata, consider cleaning the metadata or sending a printed copy.

0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *

Lisa M. Angelo

I’m an attorney passionate about helping businesses use technology responsibly. For many years I listened to people describe a disconnect between lawyers and technology. My goal has been to bridge the gap. Please enjoy this blog about cyber law; where technology and the law intersect.