Cloud computing has been widely beneficial for sharing information and creating globally interconnected networks. It allows companies and consumers to access software and information that is stored remotely on a server, saving businesses the expense of having to install the software on every computer for every employee. While cloud computing has revolutionized the way in which global corporations operate, it has also jeopardized consumers’ digital privacy.
Let’s put it this way: if you have ever used a Google application like Google Docs or Google Sites, you’ve stored information via the cloud. That information is being housed in an off-site location on a remote server where users are able to access it from any internet-enabled device. Since that information is no longer solely accessible from your computer, it is likely able to be accessed by others. The problem lies in who could be accessing this information and what they are doing with it.
On Jan. 28, the Microsoft Innovation and Policy Center in Washington D.C. held a conference regarding the challenges of cloud computing in the digital age. Douglas Gansler, Maryland’s Attorney General, spoke at the event, and addressed the issue by announcing his new national digital privacy initiative, “Privacy in the Digital Age.” The initiative will create a specific unit within his office that will work to protect the privacy of online users.
“This is the biggest consumer protection issue of the 21st century,” Gansler said. “To us, [the cloud] is very new as a problem … the technology is just so far ahead of the laws.”
Gansler, who is the current president of the National Association of Attorneys General, discussed the ways in which cloud computing gives companies access to consumers’ private information. For example, when consumers purchase items online and subsequently see advertisements for products similar to the one they purchased, that is a result of cloud companies selling consumer’s purchasing information.
Gansler questioned the ethics of cloud computing: “If these companies can look at my Gmail, how is that different than listening to my phone calls? It’s really not,” he said.
Gansler’s initiative will place digital privacy security groups in Attorneys General offices to ensure that cloud computing companies are following state and federal consumer protection laws. The initiative will also focus on geo-location tracking and cyberbullying. According to Gansler, the interdivisional privacy protection unit has reached out to Facebook in attempt to form a coalition that would enable the site to remove negative content— specifically cyber bullying—directed toward minors. Though Gansler understands that Internet companies will try to “hide behind the First Amendment,” and acknowledges that while certain “threats” are protected, he hopes that the proposed union with Facebook is successful.
Brendon Lynch, Microsoft’s Chief Privacy Officer, moderated a panel of experts who also spoke and answered questions regarding cloud computing at the conference as well.
Deborah Peel, M.D., the founder and chair of the Patient Privacy Rights Foundation, was the first on the panel to speak. She said, “We define privacy as the right to control your information as an individual. And with the cloud, that’s being taken away from us.”
Peel founded PPR in 2004 and it has been the leading advocate for consumer healthcare privacy ever since. She explained that while cloud computing has the potential to benefit the healthcare field, it has to be approached through an individual perspective rather than a corporate outlook.
“We think that decisions about privacy should be made by individuals, not by policy. We need to figure out how to do privacy in a meaningful way, with technology,” she said. “We have ethics in medicine, why can’t we have corporations and people be guided by ethics when the laws haven’t caught up?”
Urs Gasser, the executive director of the Berkman Center for Internet and Society at Harvard University, views transparency as the most prominent challenge for cloud computing. He raised questions regarding the consumers’ expectations of privacy, where data is being stored, what the technology is really doing with the data.
“How do we draft the appropriate laws and implements to safeguard cloud computing? In short, we don’t know enough about the cloud and privacy,” Gasser added.
Gasser used the Family Educational Rights and Privacy Act (FERPA) as an example. FERPA is a federal law that grants students access to their education records and gives them some control over what is disclosed. However, since FERPA was written in 1974, without knowledge of the cloud, Gasser questions whether there should be new regulations as to how to follow the act.
Though Paul Ohm, a senior policy advisor for the Federal Trade Commission, is a proponent of the cloud, he still has concerns as to how companies are using consumer information. Specifically, he mentioned business models that collect consumer information now to sell for a profit in the future. “I would let your customers know at the outset if you’re going to monetize their data,” he warned.
Ohm also explained that since cloud computing has become so ubiquitous, all Internet users need to be aware of where they’re entering and storing their information.
“The efficiencies of the move to the cloud are hard to quarrel with,” Ohm said. “The inability to embrace the cloud or big data is a brand of dishonor, it means you’re not advancing.”
Ohm said that in order to embrace privacy, companies using cloud computing need to be held accountable to common rules and regulations that have repercussions. He explained that traditionally the people who were analyzing consumer data were universities and large companies who adhered to certain standards. Now, however, anyone with a computer can be a human researcher.
For Ohm, company cost reduction and advanced productivity are two reasons why he argues for the cloud, despite its apparent flaws. “If I had a magic wand and I could rework the Internet, I’d keep the cloud,” he said.
However, as for Gansler, he has a different outlook: “I wish we lived in a world that didn’t have all these computers,” he said, “it’d just be more simple.”
Though consumer privacy and protection laws haven’t yet caught up with the technology of the cloud, they are in the works. With initiatives like Gansler’s and with ongoing expert discussion, it is only a matter of time before privacy regulations are federally protected.