Law of the Land: The Importance and Challenges of Privacy Protection in the Cloud
Security breaches have become all too common in recent years. Whether it’s the breach at Target that revealed the information of millions of customers or the Sony hack that caused so much controversy, security breaches can cause a lot of damage, often taking years to recover. Beyond cyber attacks, many people and businesses around the world are still trying to come to grips with the recent revelations of government surveillance from Edward Snowden. More people than ever are using the cloud, and that means their personal data is out there as well. In the wake of the Snowden controversy, the continuing cyber attacks, and the cloud’s growing popularity, businesses, private citizens, and governments are showing greater concern over the protection of privacy when it concerns cloud computing. In fact, it’s more important than ever before to ensure privacy protection through legal means, but at the same time, achieving that goal is becoming far more difficult.
Whether individuals realize it or not, their personal information is being collected every day. This is most common when someone uses a free online service like Facebook or Twitter. Though they may not pay a monetary price for those services, they instead have their personal data collected, which can then be traded to other parties. This data is particularly valuable, and since many people aren’t even aware it’s collected, they haven’t shown as much concern over their privacy being protected in the past. Much of that changed after the Snowden incident, where U.S. government surveillance methods were revealed to the public. Now, privacy protection when using cloud computing has turned into a more pressing priority, but much work remains for governments and cloud providers to find a workable solution.
While there’s no denying the benefits of cloud computing, there are still many questions underlying who exactly owns the data that’s stored and processed in the cloud. These questions have lead to many delays over enacting laws and regulations meant to address the cloud privacy issue. Generally speaking, Europe is further ahead of the curve in privacy protection compared to the United States. The European Commission has enacted the General Data Protection Regulation, which more effectively protects the privacy of European individuals, and is created in such a way that adjustments can be made as technology changes. These regulations also require businesses in the U.S. to comply with European law if they wish to conduct business in any European country.
Europe isn’t the only place trying to enact privacy laws to protect information in the cloud. Australian has created its own law — titled the Australian Privacy Act — which features such provisions like disclosing where servers are hosted and requiring providers to ensure steps are taken to prevent unauthorized access to protected data and avoid personal data loss. The idea is to help individuals retain more control over how much of their data is used and what that data is used for.
While these efforts to protect privacy are encouraging, creating new laws and regulations worldwide is still a significant challenge. The attempt by the U.S. to enact the USA Freedom Act — which was meant to enhance government transparency in data collection — was met by failure. This dead end can create even more problems in the future, since government regulations about technology tend to be several steps behind current problems. The delay in effectively enhancing privacy protection isn’t just a concern for individuals; cloud providers are feeling the pinch as well. With so much focus being placed on protecting personal data in the cloud, vendors need to spend a good amount of resources protecting themselves not just from cyber attacks but from government spying. Cloud providers have also needed to work harder to regain the trust of customers, who are much more worried about what happens with their data when it’s sent to the cloud. Until international laws and regulations become more uniform and technology-specific when it comes to privacy protection, cloud providers will need to work on their own to achieve better cloud security.
Protecting personal information in the cloud remains a complicated endeavor. Many business professionals often ask their IT departments, what is cloud computing? As concerns over privacy mount, cloud providers and governments are scrambling to find the right solution to encourage innovation while still improving security. Issues over privacy are certainly nothing new and are not relegated to concerns over the internet, but the cloud remains a new frontier that many people are still trying to figure out. Privacy protection is a crucial issue that can’t be ignored, while solutions shouldn’t be delayed. All individuals should feel safe knowing their privacy is protected if they choose to use the cloud. | Images via Shutterstock