Skip to content

Does the Cloud Need Federal Regulation?

by on November 29, 2010

Should the federal government regulate the cloud? Apparently, Microsoft thinks so, and has asked Congress to pass legislation to regulate cloud computing.

Government_regulation Speaking at the Brookings Institute in Washington, D.C early this year, Microsoft’s General Counsel Brad Smith declared:

“We need Congress to modernize the laws, adapt them to the cloud, and adopt new measures to protect privacy and promote security. That’s why we’ve concluded that we need a cloud computing advancement act that will promote innovation, protect consumers, and provide the executive branch with the new tools needed for a new technology era.”

Smith called on Congress and the President to address three major areas affecting the cloud: privacy, security and international sovereignty.

A touchstone for privacy in the electronic arena has been the Electronic Communications Privacy Act (ECPA) of 1986, Smith noted. “Over the past two decades, technology has moved forward and the law has become increasingly antiquated as a result,” he argued.

He said that Microsoft was supporting the efforts of the Center for Democracy and Technology in the privacy area. According to the center, “A guiding principle for such reform should be technology neutrality, so that information stored in a remote computer enjoys the same Fourth Amendment protection it would enjoy if stored on the user’s desktop computer.”

In the security area, Smith recommended that Congress establish statutory penalties for theft of content. Such penalties will give prosecutors more clout when pursuing information thieves.

By the same token, Smith advocated stiffer penalties for hacking into data centers. “Right now the level is the same as for hacking into an individual PC even though the scale couldn’t be more different,” he observed.

Congress, he continued, should also clarify existing law so it’s clear that service providers may pursue a private right of action for security attacks against their piece of the cloud.

Just as there are truth in lending laws, Smith noted, there should be a “truth in the cloud” code so consumers and businesses know how their data will be accessed and used by service providers, as well as how it will be stored and protected online. “[I]t shouldn’t be enough for service providers simply to say that their services are private and secure,” he avowed. “There needs to be some transparency about why that’s the case.”

And on the international level, he called for governments to adopt a free trade agreement for data and information. “While a multilateral framework would require substantial diplomatic, leadership, and resources, it is definitely a cause worth embracing,” he maintained.

What do you think? Does the cloud need government oversight?

Leave a Comment

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: