Reasonable Expectation of Privacy From Web Hosts? 287
Shafted writes "I'm in a bit of dilemma, and I'm wondering what fellow Slashdotters think regarding this subject. I've been hosting web sites for some clients for years using my own server. About a year and a half ago, I got a reseller account with a company that will remain nameless. They are, however, fairly large, and they did come highly recommended. Other than the usual slow tech support, occasional server overloading, and... well... typical support staff, it's been pretty good and has saved me from having to deal with problems like hardware and driving down to the colo at 4AM to figure out a routing problem. All-in-all, it was acceptable. Until yesterday, when I was asking for a relatively minor email-related fix, and by the tech support staff's response, they had accessed my MySQL database directly and looked at the contents; presumably, in order to tell me what I was doing wrong. Regardless of the fact that they missed the boat with regards to the support question, I found it surprising that they would access my database data without my consent. When I asked them why they were accessing the database without my permission, they've pretty much ignored me, despite repeated requests asking why they think this is acceptable. So, my question is this: Do I, as a customer who, according to the acceptable use policy, owns my data, have a reasonable expectation of privacy for the data which I own, despite it being hosted on a third-party's server? Or do web hosting companies have the right to poke around at everyone's data as they see fit?"
Read below for the rest of the question.
Shafted continues: "I did get a response from one of the higher-ups, who said it was ok - they were perfectly within their rights, and their privacy policy supports that. Problem is, I've read the privacy policy, terms of service and acceptable use policy, and nowhere does it make mention that they have the right to look at files or data. It does indicate that I am the one who owns the data (presumably to cover copyright infringement). Another fellow indicated he felt that, as site admin, he had the right to look at whatever he wanted on the site, whether it's his data or a customer's (he, from what I can tell, is not an employee). I can understand looking at data to determine whether it violates the AUP or TOS, provided that it's justified (i.e. a scanner or audit indicates that something fishy is going on). But since I haven't violated the AUP or TOS, do they have this right? Is this something all web hosting companies do? If it isn't expressly stated, either that they do or do not have the right, does that automatically give them the right? Is this an industry norm, or did someone make a mistake and they're simply unwilling to admit to it? I'd really like to hear what some of you have to say, knowing that many of you probably have sites hosted by third-parties, and some of you may work for web hosting companies. Since this is the first one I've ever dealt with, I'm unsure whether I should expect this anywhere else, and if so I may end up going back to self-hosting."
I've had worse. (Score:5, Interesting)
We had some affiliate software, X, on our servers.
The internal mailing script was buggy, so I'd written another one, scrapeX.php.
We had some unrelated problems, which required them to have access to parts of the box.
All of a sudden, I'm receiving confirmations of email receipts: their incompetant 'tech' had fixed the problem, then poked around, found a script scrapeX.php and thought: well, I'd better run this, to see what it did - and ended up mailing all our clients.
Action taken: a virtual shrug.
You have to bear in mind that on hosts that are geared towards entry-level users, that the clients have a tendancy to destroy things in ways possible, which is why they probably did a look around, similarly how when you call your ISP for issue X, they normally give the list: is your power on, can you ping this, can you do that..
I don't know if it's legal, but it's unethical. (Score:5, Interesting)
Who is this hosting company, and why are you protecting them? People should know what they're getting into when they enter into an agreement, and it sounds like this company isn't doing that. I don't know if this is "industry standard", legal, or whatever, but I'd run away very fast from this hosting company. Find another hosting company that'll give you assurances in writing that they won't look at your data without your permission. They can't ALL be douche bags.
Lemme guess, Dreamhost? (Score:5, Interesting)
Dreamhost repeatedly did this to me when I was hosting with them. They even modified my databases more than once. Mainly adding indexes (including ones that already existed...), but they changed the type of a column once.
That's one of the many reasons I'm not using them anymore.
Half of you replying are missing the point... (Score:5, Interesting)
Half of you people replying are completely missing the point of the post. He is NOT Co-Locating a server, he is a reseller. He is using the companies equipment and hardware. He owns absolutely nothing hardware wise.
As such, the company is perfectly within their rights to inspect what data is being stored on their servers, in a SHARED database. He's not the only customer using that MySQL server. He is not the only customer using that CPU, that hard drive, that webserver.
The hosting company has every right to be sure there is nothing in the database or elsewhere that is going to compromise the other customers.
That's why you colo a server. Then it's YOURS and YOU control access to it. No one is going to be inspecting anything on it without your consent or at worst, if they hack your password and/or reboot it without your consent into single user mode. Either way, then you'll know something hinky was going on. Whereas if you are just a "reseller," the hosting provider can do whatever they want as root on a box you do NOT own.
So yeah... if the original poster doesn't like it, he needs to colo a server. If he doesn't want the hassle of that, then you're at the mercy of the system admin.
first lesson of outsourcing (Score:3, Interesting)
While you can discuss the ethics or morality of having strangers accessing (or worse, changing or "accidentally" destroying it - ooops, there goes another database), the fact is that once it's off your site, it's out of your control.
Wasn't there a case recently of some politician who got their records "snooped" by an outsourced operation - consider yourself lucky that all they're doing is looking. It's not impossible to think that they could take any code you written, or sell off credit card details from your database.
Second law of outsourcing: you're tacitly admitting that someone else can run your operation better/cheaper than you can.
Re:encrypt your data or dont co-lo (Score:1, Interesting)
Amen to that, & it's no different on even website forums for instance, in their "private messaging" (which is ANYTHING but that) sections (for messages between users but not seen on the public forum itself) - E.G.-> Tim Tibbetts of Majorgeeks.com told me in person, verbatim, he quite regularly scanned others' pm's in fact to see what was going on, private messaging section or not, while I was in conversation with he in person (used to be somewhat friends w/ he, but after that, & some other things? LOL, no way).
Shared hosting is for the birds (Score:3, Interesting)
I assume you're using shared hosting. It's a cheap and easy option, but you give up all control of who is on your server, and what they are doing.
I primarily use VPSes for many reasons including this one. It's a great middle ground between colo and shared hosting, where the host is in charge of giving me hardware and network support, and that is all.
There are many good VPS providers out there. I personally prefer XEN based hosts to OS level virt like OpenVZ that powers most of the market.
http://vpslink.com/xen-vps/ [vpslink.com] and http://slicehost.com/ [slicehost.com] are some of the better services I've used, but there's plenty more out there.
Re:encrypt your data or dont co-lo (Score:1, Interesting)
Doesn't asking them to fix your server imply permission? Or do you need to get a signed form every time you change directories when you're trying to help someone out at 3 in the morning?
Re: People looking (Score:5, Interesting)
Isn't this the great flaw of Cloud Computing?
No, because that's what encryption is for. I use Jungle Disk to mount my Amazon S3 data as a network share on all of my systems.
Jungle Disk allows me to encrypt my data before it is sent to Amazon's servers. Short of cracking the 256-bit AES key the data is encrypted with, Amazon can't dig through my data.
Maybe for a web-based application, this wouldn't make sense, but at least in terms of storing my data in the "cloud" for retrieval and use by various client-side apps, there's no "great flaw".
Re: People looking (Score:3, Interesting)
I don't know if it's the great flaw. There are multiple costs you have to weigh.
It seems to me that vendors would key into it and charge premiums for more protection. That's the solution I would expect, the googles of the world will just charge more of more privacy, and that's kind of fair. The fact that those people were reading your database wasn't too alarming, the fact that they could do so so easily is a bit more, all it takes is one flawed SQL statement and they might not your application down.
Some of this is the LAMP stack, it's just not built with auditing in mind, some of the larger databases out there will audit that kind of access. Some of it is also cheap co-location, adding that kind of auditing takes more work. I'm guessing if it was a mysql "shop" that there are one or two accounts that support uses to poke around when they get calls. Hopefully their people are trustworthy, that might be the worst of it; what you'd hope for is that they'd have an audit log of accesses to your data and should an employee be fired or quit you'd at least have some hope of tracking stolen data back to them.
A better line of questioning might be to have a list of their employees that have accessed your data. They probably won't have an answer.
You can always colocate a whole machine or build your own datacenter, there is a lot more to it that most people generally think and it's usually quite a bit more costly than the $50 a month for a "virtual server" but you can control who looks at your data a little bit more.
Another cost is just what is it you're hosting? If you're running a business, then maybe it's worth more and justifies the expense of a more private solution. If it's your blog then I don't know if I find the idea so objectionable at all.