Today's digital age has led to tremendous breakthroughs in science, technology, and innovation. One innovation in particular, "cloud computing," or utilizing the Internet for technologies such as online collaboration and data storage, has provided businesses and consumers with a new era of products and services.
While the benefits of these new technologies are clear - accessing data at your fingertips whenever and wherever you want - these benefits also come with challenges. The recent security breaches reported by Google last week once again make this abundantly clear.
We need a safe and open cloud - a cloud that is protected from the efforts of thieves and hackers while also serving as an open source of information to all people around the world. It may sound impossible to have both of these things at the same time, but it is not. Although neither goal may be fully achieved today, we must keep striving to reach them. As more services move online, we need to take new steps to protect the rights of consumers and global citizens in the digital age.
According to a recent survey conducted by Microsoft, more than 90 percent of Americans are using some form of cloud computing; nearly all of us are connected to the cloud. But stop for a moment. Do you know what your rights are in the cloud? Are you confident that your privacy is being protected? If you live in one country but your data is stored in another, whose laws govern? These questions about privacy, security, and international sovereignty require immediate attention.
Asking legitimate questions about cloud computing policies is not the same as questioning the legitimacy, or benefits and advantages, of the cloud. This one innovation holds the potential for tremendous cost savings and flexibility, while also making data more accessible and portable. Yet as we move to embrace the cloud, we also must ensure that we maintain the basic rights people receive today.
For example, the Internet should not be a "town square," where anyone wandering the street can get a peek at what you are doing. But current law is not clear about how to deal with privacy concerns as they relate to the cloud. Users' privacy is something that businesses, governments, consumers, and other key stakeholders must seriously address.
In addition, as security experts have attested, there can be security benefits from cloud computing. At the same time, however, the recent Microsoft survey showed that more than 90 percent of Americans expressed concern about the security, access to, and privacy, of their data in the cloud.
And, of course, these issues are global: users need to know that their data and applications will be subject to consistent rules regardless of where they are hosted. The potential for conflicting rules and regulations between countries could subject cloud providers to liability for content over which they have little control and could make it difficult for users to know what laws govern their data.
These are important issues that require thoughtful solutions. Just as industry and government can benefit, they also must work together to find appropriate solutions to address the challenges that cloud computing presents. Failure to do so is likely to slow industry development and consumer adoption, thus inhibiting the full growth and potential of cloud computing
Congress can and should take thoughtful, constructive action to advance cloud computing. The country needs a "Cloud Computing Advancement Act" to enhance privacy and security protections in the cloud computing era and foster the development of the cloud. Under this proposal, there would be:
Cloud computing offers many potential benefits, but those benefits will not be realized unless privacy rights are maintained, data security is strengthened, and questions are settled about how data is governed when it crosses national borders. Quite simply, we need responsible action now.
1) What security infrastructure does the vendor have
2) What is its data protection record
3) How many years has the company been in business
4) Has it outsourced its hosting facilities etc.
We had recently done an article on this - http://www.hyperoffice.com/saas-reviews-for-smbs/
Certainly, I'm in favor of improving/modernizing outdated laws and the underlying legal concepts regarding digital security. But the attempt should be even-handed with regard to providing both protection for companies engaged in software-as-a-service (and their customers) and other means of using computers such as local applications.
If you can address internet security adequately, then cloud computing will benefit along with the rest of us, but if basic security is left unaddressed in favor of focus on software-as-a-service, then your good intentions become just another costly governmental boondogle.
They are so outdated that if you have a plain-text email, sitting on a server belonging to a third party, that it isn't a violation of your rights for the government to search it without obtaining a warrant, unless your contract with your email provider specifically states that you reserve your rights.
The ACLU of Northern California has a "Demand Your dotRights" campaign so that internet users can learn about privacy on the internet and can demand laws to protect personal information. Check out our page on cloud computing: http://bit.ly/5mXK3S
- ACLU of Northern California