Policymakers can help increase confidence in the cloud by protecting consumers
As the United States struggles to emerge from the Great Recession of 2008, businesses and consumers are looking at increased use of technology as a way to reach greater levels of productivity. One technology that is meeting these needs is cloud computing.
Cloud computing allows businesses or consumers to store their information on remote servers or to use hosted software provided by third parties on an as-needed basis. Usually, all that most customers need to tap into the power of cloud computing is a browser and an Internet connection.
This approach, particularly for smaller businesses, allows people and businesses to focus on the core of their business instead of building their own IT framework. It allows businesses to let someone else handle data storage, security, upgrades, infrastructure expansion, and maintenance.
As with any emerging technology, there exist threats to the long-term success of cloud computing. And there is a volatile mix of market-based protections and government regulations that could help or hinder cloud computing providers.
One of the biggest threats is the way the business itself is organized. Today, users -- either businesses or individuals -- would rather put their trust in the hard-drive sitting on their desk than the rack server at some undisclosed and inaccessible location.
One recent study showed that consumers are beginning to recognize the tremendous potential for cloud computing. That same study, however, said that 90 percent of consumers, when asked about storing their personal data in the cloud, remain concerned about security, access and privacy risks.
But time, and improvements by cloud providers, will eventually nullify this concern. It is common for an emerging technology to be initially dismissed before it is wholeheartedly embraced.
Remember how Amazon.com, Netflix and Twitter were all thought of as passing fads?
Where there is the potential for continued explosive technological growth, there also exists the risk of overactive government regulators. Government can have a limited role in overseeing cloud computing, but any movement towards regulating this nascent technology should be based on clear principles.
First, data is extremely mobile. Therefore, policymakers should adopt principles like those related to free and open trade. Do not put geographic limits on data. Federal and state regulators will be tempted to keep state government data within its geographic boundaries.
But this limits the options of cloud services and could result in more government-owned and operated data centers in competition with companies that provide services. The public shouldn’t be used to compete against the market and drive operators out because a publically-funded operation always enjoys a competitive advantage.
Second, laws should be modernized to reflect the shift in computing power. The existing federal Computer Fraud and Abuse Act treats a criminal who hacks into a single PC the same as one who hacks into a cloud computing facility. Obviously, a hacker gaining access to a huge data center server could cause much more economic and personal damage than one who hacks into a single user’s hard drive.
Third, people’s privacy must be protected. As stated earlier, the main concern that users have with cloud services is a perceived “loss of control” of their business or personal data. “Who has the data? What is being done with it? Can I access it, edit it or delete it?”
These are natural questions. The answer could be transparency whereby people understand how their data is used and are able to have more control over who sees it and when – for business and government data, this is essential.
These problems can’t all be solved with government regulation, but Congress can address Fourth Amendment concerns by updating the Electronic Communications Privacy Act. If consumers have confidence that their personal or business data in the cloud is subject to robust privacy protections -- the same protections they have for their personal hard drive at home or in their office -- this will help allay some privacy fears.
Fortunately, the future of cloud computing will not depend on more government regulation. Since regulators (or Congress) often force themselves upon new technologies, the basic principles I described will help discourage damaging regulations and favor ones that actually foster more innovation and consumer confidence in an industry poised for robust and continual growth.