Privacy Issues with Web2.0

The concept of 'Software as a Service' is the driving force behind the so-called Web2.0. This emerging paradigm will lead to lots of user data being gathered at web servers of the service provider. Google's upcoming GDrive is one such service that is in the offing. Imagine users storing their personal data at Google servers with Google's assurance that their privacy will be preserved. But what happens if the Governement decides that it needs to have access to that data and force Google to make it accessible ? This would obvioulsy mean a serious blow to the user trust in a specific technology. So what about storing the data in encrypted format? Problem is that the encryption/decryption of the data will still be done at the server side making it a potential weak link. What if the employed cryptosystem allows users to do the encryption and decryption in their local resources and then store the data in encrypted form at the server. In a naive implementation, this would lead to serious performance issues. But our work on Homomorphic cryptosystems, suggests that certain operations can be performed on the ciphertext such that corresponding functions will be automatically applied to the underlying plaintext. This has useful implications in allowing users to efficiently manage encrypted data on the remote untrusted servers.