Regulating the Cloud

Bill Davidow of Forbes points out a conundrum of cloud computing: the cloud is “too important to be regulated and too important to be left alone.” In other words, one of the primary reasons cloud computing works is because it is not overburdened by government rules and regulations. On the other hand, the cloud can be dangerous in many ways.

Davidow points out a few of these dangers in his post:

1) The cloud puts your privacy at risk, since cloud-based data can be accessed without your knowledge and in some cases without a warrant.

2) Cloud services providers may have weak security systems.

3) Your data might get lost, either as the result of a lax cloud provider or a hacker.

4) Your data might get lost as a result of bankruptcy or just plain “going dark.”

5) Abuse of “lock-in,” which means that a cloud provider might make it difficult (if not impossible) to move services to another solution. This might result in high costs to move an account or (you guessed it) your data might get lost.

Although these are real dangers that might result in identity theft, data loss, business continuity issues, and significant expense, there is also risk inherent in regulation. Overregulation and reactive regulation will quickly chill innovation and experimentation, the very drivers that are helping the cloud industry develop. To the extent regulation is required it should be equitable and proactive, balancing risks and rewards, innovation and protection. In this way the cloud can continue to grow responsibly, minimizing (or at least managing) the dangers while still striving for the next big thing.