Today's digital age has led to tremendous breakthroughs in science, technology, and innovation. One innovation in particular, "cloud computing," or utilizing the Internet for technologies such as online collaboration and data storage, has provided businesses and consumers with a new era of products and services.
While the benefits of these new technologies are clear - accessing data at your fingertips whenever and wherever you want - these benefits also come with challenges. The recent security breaches reported by Google last week once again make this abundantly clear.
We need a safe and open cloud - a cloud that is protected from the efforts of thieves and hackers while also serving as an open source of information to all people around the world. It may sound impossible to have both of these things at the same time, but it is not. Although neither goal may be fully achieved today, we must keep striving to reach them. As more services move online, we need to take new steps to protect the rights of consumers and global citizens in the digital age.
According to a recent survey conducted by Microsoft, more than 90 percent of Americans are using some form of cloud computing; nearly all of us are connected to the cloud. But stop for a moment. Do you know what your rights are in the cloud? Are you confident that your privacy is being protected? If you live in one country but your data is stored in another, whose laws govern? These questions about privacy, security, and international sovereignty require immediate attention.
Asking legitimate questions about cloud computing policies is not the same as questioning the legitimacy, or benefits and advantages, of the cloud. This one innovation holds the potential for tremendous cost savings and flexibility, while also making data more accessible and portable. Yet as we move to embrace the cloud, we also must ensure that we maintain the basic rights people receive today.
For example, the Internet should not be a "town square," where anyone wandering the street can get a peek at what you are doing. But current law is not clear about how to deal with privacy concerns as they relate to the cloud. Users' privacy is something that businesses, governments, consumers, and other key stakeholders must seriously address.
In addition, as security experts have attested, there can be security benefits from cloud computing. At the same time, however, the recent Microsoft survey showed that more than 90 percent of Americans expressed concern about the security, access to, and privacy, of their data in the cloud.
And, of course, these issues are global: users need to know that their data and applications will be subject to consistent rules regardless of where they are hosted. The potential for conflicting rules and regulations between countries could subject cloud providers to liability for content over which they have little control and could make it difficult for users to know what laws govern their data.
These are important issues that require thoughtful solutions. Just as industry and government can benefit, they also must work together to find appropriate solutions to address the challenges that cloud computing presents. Failure to do so is likely to slow industry development and consumer adoption, thus inhibiting the full growth and potential of cloud computing
Congress can and should take thoughtful, constructive action to advance cloud computing. The country needs a "Cloud Computing Advancement Act" to enhance privacy and security protections in the cloud computing era and foster the development of the cloud. Under this proposal, there would be:
- Improvements in privacy protection and data access rules to ensure users' privacy, starting with reforming and strengthening the Electronic Communications Privacy Act to clearly define and provide stronger protections for consumers and businesses;
- Modernization of the Computer Fraud and Abuse Act so law enforcement has the tools it needs to go after malicious hackers and deter instances of online-based crimes;
- Truth-in-cloud-computing principles to ensure that consumers and businesses will know whether and how their information will be accessed and used by serviced providers and how it will be protected online;
- Pursuit of a new multilateral framework to address data access issues globally.
Cloud computing offers many potential benefits, but those benefits will not be realized unless privacy rights are maintained, data security is strengthened, and questions are settled about how data is governed when it crosses national borders. Quite simply, we need responsible action now.