From the beginning Gmail has had a very good spam filter. Now Google added a nice new feature explaining why a mail lands in the Spam filter.

So starting today, we’ll be showing a brief explanation at the top of each of your spam messages. Simply look at any message in your spam folder and now you can find out why it was put there and learn about any potentially harmful content within the message.

But does anyone except me still look into the Spam filter to check the messages that the mail client thinks are spam but aren't?

Germany has a strong law about data security. This makes using the cloud problematic. An article in german computer magazine c't describes why this is the case.

The data security law

The data security law (Bundesdatenschutzgesetz) prescribes that extra care should be used when handling personal data. Examples of these are names, addresses, email addresses.

"Cloud services" that store data in foreign countries make the data security situation more complicated. For countries without acceptable level of data security this is not allowed according to German law.

Because of the cyber security act of 2009 the safe harbor agreement can be circumvented for the USA. That means that except for european countries only the safe-harbor-countries Switzerland, Canada , Argentina, Guernsey and the Isle of Man can be used for cloud services in Germany. Because Google and Apple don't have their servers in these countries they can't be used.

Who trusts whom with what?

The trust question is the next problem. Who guarantees how that the data stays the same and that it stays private? According to c't this needs to be governed by individual agreements. Which Apple and Google don't do.

By the law

Cloud storage is relatively new but the law moves slowly. So it's not surprising that there is not much jurisdiction on this topic. It's not in Google's or Apple's interest to clarify the data security for their users. This means that the users have the full risk when using their services.

Whoever wants to manage their data security - at least in Germany - better uses a European Cloud provider. This is the conclusion by c't.

Conclusion

The cloud is so convenient even if it doesn't replace a backup.

The cloud providers like Apple and Google as usual take the easy way out. "Use my services and cope with the consequences." could be their motto. For big companies negotiating deals with cloud providers shouldn't be a problem. But how many smallish companies have the expertise to do this? Do we need more regulations in this area?

In the past the big companies like Apple, Google or Facebook have shown that privacy issues aren't really their concern. This needs to change.

Via Tidbits I found a story where James Fallows from The Atlantic

describes how his wife's Email Account was hacked

what they went through to recover years of stored messages. It’s a compelling tale that will hopefully bring home the need for secure passwords and offline backups of cloud-based data.

2 weeks ago I posted a nice article about getting the mailfolders for Outlook 2011. The script was taking between 1 and 80 seconds. After some testing I found the culprit: to test Mail Archiver I usually load my 100.000 mails from Google into my email clients. Turns out that Outlook really doesn't like this. At every start I was greeted for long seconds by the lovely screenshot below.

The beginning: a malfuntioning spam filter

Original at: Flickr