Safe Internet Alliance

As we enter a new decade, computer users increasingly ditch their USB drives, disks, and other storage devices, instead choosing to access their data and documents through the Internet. Whether it's uploading pictures directly to an online album like Photobucket or composing letters on Google Documents, these new applications allow us to perform tasks that would have been relegated to the desktop computer a decade ago. All this information would be uploaded and stored on server farms, of which acres are being built for companies like Microsoft, Google, and Amazon.

This system is often called cloud computing, and some predict that one day it could replace the operating system completely; in the OS's place users would only need a browser and Internet connection to meet all their computing needs.

But many companies and organizations are nervous or even outright bar their employees from using cloud computing, stating that hosting sensitive information on an outside server would pose a security risk. Indeed, many of these fears were fully realized when secret documents from Twitter were hacked and then subsequently released to tech bloggers last year.

Perhaps because of these security concerns, Safe Internet Alliance member Microsoft, a major player in the cloud computing space, is urging government regulation to address them. In a keynote address to Brookings Institution's "Cloud Computing for Business and Society" form, general counsel and senior vice president Brad Smith said that legislation should be passed to protect the privacy and security of cloud computing users.

To back up his position, Smith cited the results of a recent Microsoft survey that gauged feelings about cloud computing among business executives and the general public. Commissioned by Microsoft, the survey questioned 700 members of the public, 200 IT executives, and 200 senior business leaders in December.

Microsoft's survey found that 58 percent of the public and 86 percent of business leaders are excited about the possibilities of cloud computing. But more than 90 percent of them are worried about security, availability, and privacy of their data as it rests in the cloud. Microsoft said it also found that most of the people surveyed believe the U.S. should set up laws and policies to govern cloud computing.

As Politico reports, one of the problems with the lack of legislation on cloud computing involves the fact that courts have a "difficult time putting a monetary value on stolen data, whether it’s an e-mail or digital photo." Another legal question has to do with whether obtaining a search warrant for your information in the cloud is the same as searching through your home desktop computer.

So what forms of legislation need to be introduced or modified? Smith has a few suggestions:

* Beef up the Electronic Communications Privacy Act to more clearly define and protect the privacy of consumers and businesses.
* Update the Computer Fraud and Abuse Act so that law enforcement has the resources it needs to combat hackers.
* Establish truth-in-cloud-computing principles so that consumers and businesses know how their information will be accessed and secured.
* Set up a framework so that differences in regulations on cloud computing among various countries can be better clarified and reconciled.

Perhaps once these issues are addressed, more companies will venture away from desktop computing and drift upward into the cloud.