Search This Blog

Tuesday, June 21, 2011

Beefing Up Cloud Policies

Cloud computing offers small businesses a tremendous opportunity to save money and to gain access to the latest offerings and upgrades on the software front. But some changes are needed on the public policy front when it comes to the cloud.

What is cloud computing? Quite simply, it means firms are able store data on remote servers and/or use software provided by third parties via the Internet.

Small businesses clearly are interested in cloud computing, with many already working in the cloud. On February 3, 2011, for example, the Arizona Business Gazette reported: "A new study by MarketBridge, a tech-services provider, found that 44 percent of small and medium-size businesses are using at least one cloud-based service, and 70 percent say they'll do more in the cloud this year."

But there are questions about transparency, privacy and security. And government policy can play a foundational role in these areas.

For example, transparency would be enhanced by simply requiring that cloud providers make their privacy and security policies clear to all customers. This obviously provides valuable information for decisions made in the marketplace.

Also, hackers need to be dealt with more rigorously. Beefing up criminal penalties would serve as deterrence.

At the international, national and state levels, attempts to mandate where data centers are established must be resisted. Such mandates raise costs for cloud providers, and therefore, for cloud service customers.

Along these lines, it is important to separate legitimate security issues from trade policy. National security can be inappropriately used as an excuse for making demands on the location of cloud computing data centers. To the extent possible, security and trade policies need to be separated.

Greater clarity and consistency needs to be established at the international and state levels in terms of what laws prevail regarding cloud computing services. Conflicting laws can place cloud providers in a no-win situation when it comes to, for example, lawful demands for data in one jurisdiction, perhaps where the data center is located, that conflict with privacy laws in another place, such as where the customer is. Preferably, the laws where data centers are located should prevail when conflicts arise.

In the end, when it comes to international negotiations, the federal government should be working towards greater consistency in the laws governing privacy, security and government access to cloud data and information.

For markets to work and thrive, government does have a foundational role to play in terms of stopping and prosecuting fraud and other crimes, enforcing contracts, establishing fair and equitable laws, protecting property, and avoiding policies that inhibit the market. Cloud computing providers and consumers would benefit tremendously from the above common-sense, straightforward changes on the public policy front.


Raymond J. Keating serves as chief economist for the Small Business & Entrepreneurship Council.

No comments: