Parler's Russian data storage has "potentially massive" security implications

Parler's Russian data storage has "potentially massive" security implications

Parler social media on mobile 16.9.jpg

Right-wing social network Parler could find itself aiding Russia and China as it looks to stay online by circumventing global data laws.

January 8 saw Parler dropped from a number of its technology services after it came to light that Its platform was used to help coordinate the insurrection at the US Capitol on 6 January.

The ban came from the likes of Apple and Google which dropped the social networking app from its respective app stores, but the biggest blow came from Amazon, which also dropped it from its AWS cloud service.

On 17 January Parler came back online as a static webpage only, rumoured to be now working with DDoS-Guard, a Russian company offering cybersecurity services and web hosting.

Further to that, there have been accusations that “Parler’s data flows through a DDoS-Guard server registered to an address in Belize, which cybersecurity experts believe is a tool to protect the true identity and location of Parler’s web host”, according to Bloomberg.

Speaking on the subject, digital security expert, David Janssen told Capacity: “The security implications are potentially massive because the Russian government, like the Chinese, essentially has carte blanche to do what it wants with any and all data stored in the country.

51005

“Moscow can request access to Russian DDos-Guard’s data whenever it feels like, without a subpoena. Knowing how the FSB operates, the data might not even be requested, simply accessed--to say nothing of non-government-affiliated hackers in the region. You can imagine the potential treasure-trove of scandalous information this all represents to the Kremlin and the threat posed to global Parler users.”

Though all these claims have so far been speculative, should Parler decide to continue using Russian servers to host its content or reroute user data, it's not unlawful but  “attempting to bypass the Patriot and Cloud acts is, and there may be specific local laws dictating this transfer”, says Sophie Chase-Borthwick, vice president of data ethics and privacy at Calligo, an end-to-end managed data services provider.

There will be more on this story in the next issue of Capacity magazine, out later this month. 

Gift this article