Microsoft Calls for Laws to Ensure Privacy, Security in the CloudBy Jessica Davis | Posted 2010-01-20 Email Print
Re-Thinking HR: What Every CIO Needs to Know About Tomorrow's Workforce
Customers will tell you that their main concern when it comes to moving their data to the cloud is privacy and security. Now Microsoft is calling on legislators and the administration to create laws that would ensure business and consumer privacy and security for data in the cloud.
If you’ve talked to your business customers about whether they have plans to
move any of their IT infrastructure into the cloud, you’ve heard the same set
of concerns—security and privacy.
Today Microsoft called on government leaders to take action to alleviate those concerns by passing legislation to modernize criminal law to address crimes committed in the cloud, update privacy laws and create truth-in-cloud-computing principles.
"Given Microsoft’s history with antitrust both in the U.S. and Europe, it is unusual to see them go back to the government to ask for this," industry analyst Rob Enderle told Channel Insider. "You would think they would have distrust for government and regulators."
But Microsoft’s actions in the wake of its experience demonstrates the importance the company places on creating such legislations to ensure that business and consumer information remains private and secure in the cloud.
"The Obama administration has been aggressive in terms of addressing problems before they occur," Enderle said. Brad Smith, Microsoft’s general counsel, in delivering this message in an address to the Brookings Institution, may be looking to get the administration to look at the future to prevent future problems rather than react to events after the fact, he added.
The address could not come at a more fortuitous time, in the days after Google publicly acknowledged that its own infrastructure was compromised and that it was considering pulling out of China because of the incident.
"We also need government to modernize the laws, adapt them to the cloud, and adopt new measures to protect privacy and promote security," Smith said in his keynote address to the Brookings Institution’s "Cloud Computing for Business and Society" forum on Jan. 20. "There is no doubt that the future holds even more opportunities than the present, but it also contains critical challenges that we must address now if we want to take full advantage of the potential of cloud computing."
Smith called on the federal government to create a Cloud Computing Advancement Act that would include "truth-in-cloud-computing" principles so that consumers and businesses would know how their information would be accessed and secured.
While news of new regulations to learn and follow may not inspire many VARs or MSPs to stand up and cheer, Enderle said that the new rules would not likely be too onerous.
Any new regulation places more burden on the smaller businesses, he acknowledged, but in his view these would be most like restaurants needing to publish nutritional information.
Of course, any time the government gets involved there is a risk it could get carried away, he said. But most likely these will just be disclosures that businesses could post on their Websites.
Such new rules are the next step for technology, according to Smith.
"The PC revolution empowered individuals and democratized technology in new and profoundly important ways," Smith said. "As we move to embrace the cloud, we should build on that success and preserve the personalization of technology by making sure privacy rights are preserved, data security is strengthened and an international understanding is developed about the governance of data when it crosses national borders."