The relentless migration to the cloud requires strong encryption. Customers will demand it -- and snooping will be deterred Most of us would agree that the NSA has spread its nets too far and cut deeply into our personal privacy. Ultimately, and perhaps ironically, I am hopeful this transgression will leave us with better protection for our personal communication than ever before.I predict that more and more communications service providers will provide strongly encrypted communications by default. They’ll also do so in such a way that outside, unauthorized parties (the NSA, law enforcement, and so on) will not be able to get the plaintext access to data they currently enjoy — at least not as easily as they do today.Let me be clear: I’m speaking about my own beliefs about what will happen without a single shred of insider knowledge or intimation of a single company’s intent. No one has shared their plans or with me. You know as much as I know. But the world is going cloud in a big way. More and more of our data and communication is going to end up in the cloud via one avenue or another. There are economies of scale that simply can’t be achieved any other way. The cloud movement can’t continue if customers constantly worry about how easily third parties can access their data. How might cloud providers protect customer data? For example, a public cloud provider might turn on default encryption in such a way that no one except the customer has access to the private keys. The data might be stored in a public cloud but appear as gobbledygook to anyone but the client. The NSA or other law enforcement agents would have no incentive to ask for the data, warranted or unwarranted (in the legal sense) because all they’d get is encrypted data. Several of these services already exist, and it’s my strong personal belief that this model will become the norm.I think the end result of the NSA being caught with so many prying eyes is that the public world is going to become, well, less public. What used to be commonplace (unencrypted datastreams) will become rarer and rarer as the reminder of this decade. InfoWorld’s Galen Gruman even shared with me that W3C was reworking the HTTP protocol to require encryption for v2 compatibility — and that’s a good thing. Of course, law enforcement will still be able to compromise people’s privacy — grabbing data off the Internet isn’t the only way to capture people’s private messages. The NSA and other law enforcement agencies are quite adept at breaking directly into people’s computers or performing other hacks to get what they want. But it won’t be nearly as easy.My best guess is that the era of easy digital spying is coming to an end. Most people don’t want it. No private company wants it. Cloud providers don’t want it. In the computer security world I’m known as a curmudgeon, but here, I see hope. Related content analysis The 5 types of cyber attack you're most likely to face Don't be distracted by the exploit of the week. Invest your time and money defending against the threats you're apt to confront By Roger Grimes Aug 21, 2017 7 mins Phishing Malware Social Engineering analysis 'Jump boxes' and SAWs improve security, if you set them up right Organizations consistently and reliably using one or both of these approaches have far less risk than those that do not. By Roger Grimes Jul 26, 2017 13 mins Authentication Access Control Data and Information Security analysis Attention, 'red team' hackers: Stay on target You hire elite hackers to break your defenses and expose vulnerabilities -- not to be distracted by the pursuit of obscure flaws By Roger Grimes Dec 08, 2015 4 mins Hacking Data and Information Security Network Security analysis 4 do's and don'ts for safer holiday computing It's the season for scams, hacks, and malware attacks. But contrary to what you've heard, you can avoid being a victim pretty easily By Roger Grimes Dec 01, 2015 4 mins Phishing Malware Patch Management Software PODCASTS VIDEOS RESOURCES EVENTS SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe