The Connected Web

Phil Wainewright

No Certainties on Cloud Confidentiality

By Phil Wainewright on February 24, 2009 5:07 AM 0

0

A report just published by the World Privacy Forum spells out the risks to privacy and confidentiality posed by cloud computing. Written by privacy expert Robert Gellman, Privacy in the Clouds (PDF) explains the murky uncertainties surrounding what might happen to your data once it's stored in the cloud. The main problem is that the terms of service of most cloud providers fail to make any useful assurances about where your data will be stored and how its confidentiality will be protected. This leaves it wide open to potential threats.

As alluded to in my item last week on Data Protectionism, the main threat comes not from actions (or inaction) by the cloud provider (whose commercial reputation relies on keeping your data secure) but from other parties. The simple act of putting your data in the cloud often makes its confidentiality less reliable than if you had kept it under your own control, says the WPF:

"In its analysis and discussion of relevant laws, the report finds that both government agencies and private litigants may be able to obtain information from a third party more easily than from the creator of the information. A cloud provider's terms of service, privacy policy, and location may significantly affect a user's privacy and confidentiality interests."

Some may draw the conclusion from this that cloud computing can never be trusted. I would argue for a far less draconian outcome. Cloud providers simply have to get their act together, as the report suggests: "If the cloud computing industry adopted better and clearer policies and practices, users would be better able to assess the privacy and confidentiality risks they face." It's up to the industry itself to understand the risks, contain them, and spell them out clearly to customers, ideally offering different levels of privacy and confidentiality assurances, priced according to what customers want and are prepared to pay for.

No TrackBacks

TrackBack URL: http://www.ebizq.net/MT4/mt-tb.cgi/15340

Leave a comment

Recent posts from our Blogs

CloudShare Comes Out of Stealth Mode: A Talk with Kevin Epstein by Jessica Ann Mola in Business IT Buzz Blog
Top 10 BI Predictions for 2010 by ebizQ in ebizQ's Business Agility Watch
SOA in Emerging Governments by Leah Archibald in Business IT Buzz Blog
4 Data Integration Predictions for 2010 by David Linthicum in Leveraging Information and Intelligence
SOA Roundup: Gartner Seeds Clouds; SOA Needs Open Source; Business Feeds SOA by Joe McKendrick in SOA in Action Blog
Success in the clouds may mean staying grounded in SOA by Kelly Emo in IT as a Catalyst for Optimal Business Outcomes
Is the Future of SOA Open Source? by Dion Hinchcliffe in Dion Hinchcliffe's Next-Generation Enterprises
The Coming Innovations in Data Visualization by Nari Kannan in New Frontiers in Business Intelligence
Time to review "SOA Best Practices" by Michael Poulin in Business Ecology Initiative & Service-Oriented Solution
What's New With SOA Software: Live from Gartner AADI by Jessica Ann Mola in Business IT Buzz Blog

Phil Wainewright blogs about how businesses are using the Web to get better plugged into today's fast-moving, digital economy.

Phil Wainewright

Phil Wainewright specializes in on-demand services View more

Subscribe

Subscribe in a reader

Also Read Andre Yee blog on cloud computing

Recently Commented On

DoD Cloud Delivers Computing As A Service (1)
Phil Morris wrote: Yes, but they also avoid being on a... [more]
Outlook Gets Social, About Time Too (1)
Ali Din wrote: Outlook 2010 seems to be coming wit... [more]
SaaS Silos Create New IT Management Challenges (1)
Joanna Lees-Castro wrote: Great interview. This is an excel... [more]
HP CEO Flails Cloud with Faulty Firewall Logic (3)
Karthik wrote: I wonder how folks reacted when ban... [more]
Switch to SaaS For Free (3)
Commence Web CRM wrote: Commence Corporation offers both Sa... [more]

Recent Webinars

Recent News

Categories

Tag Cloud

Actional, Adobe, ADP, advertising, AdWords, aggregation, agile, AIR, AJAX, Amazon, Amazon Web Services, AMD, Andrew McAfee, antivirus, API, Appirio, Apprenda, Aria Systems, Ariba, authentication, Aviary, backup, benchmarking, billing, black swan, Blackberry, Boomi, Box.net, BPO, Bungee Labs, business intelligence, business model, Business process, Central Desktop, CIO, Cisco, Clara Shih, Clickability, cloud, Cloud computing, cloud computing, Cloud Computing Interoperability Forum, Cloudforce, Cloudkick, CODA, code of practice, Coghead, collaboration, colocation, commoditization, confidentiality, Conformity, contacts, contextual, Covario, CRM, crowdsourcing, customer advocacy, Customer communities, Customer service, customization, data, development, digital goods, Don Tapscott, e2conf, economics, eGain, email, Emergence Capital, Engine Yard, Enterprise 2.0, Enterprise Irregulars, Enterprise resource planning, Equinix, ERP, EU, events, ExactTarget, Excel, Exchange, Facebook, FaceBook, file sharing, firewall, Flash, Force.com, Forrester Research, Fred Wilson, Freshbooks, gaming, Gartner, Generation-Y, geo-location, GigaSpaces, Gigya, Gmail, Google, Google AppEngine, Google Apps, governance, Gwabbit, gwabbit, HCM, Helpstream, Heroku, HP, IBM, identity, iGoogle, inbox, InsideView, Intalio, integration, interoperability, intranet, iPhone, JackBe, Java, Jive Software, Kana Software, Keynote Systems, LinkedIn, Lithium Technologies, location, lock-in, Lotus Notes, Louis Nauges, malware, market research, MarketBright, marketing automation, Marketo, mashups, Mashups, Maxplore, McKinsey, messaging, microblogging, Microsoft, Microsoft Exchange, millennial, mobile, monetization, MrTed, multi-tenancy, NetSuite, Nick Carr, Notes, Omniture, on-demand, OpenSocial, Opsource, Oracle, Outlook, Pageflakes, Panda, payment processing, PCI, Platform as a service, Platform as a Service, Platform-as-a-service, Plaxo, portals, pricing, privacy, process, Progress Software, protectionism, provisioning, Rackspace, real-time Web, recruitment, reporting, REST, retail, Ribbit, RightNow, RightScale, ROI, Rootstock, RSS, SaaS, sales, Sales 2.0, Salesforce.com, SAP, SAS, Saugatuck, Saugatuck Technology, ScanSafe, search, search engine optimization, security, self-service, Service level agreement, Service-oriented architecture, ServiceChannel, SharePoint, Sidekick, single sign-on, situational, Situational, SmartRecruiters, SMB, social computing, social media, Social networking, social networking, Socialtext, Software as a service, Sonoa Systems, spend management, Spoke, standards, storage, Sun Microsystems, Symantec, systems management, T-Mobile, talent management, TCO, Tibco, time sharing, trust, Twitter, Ubuntu, venture capital, viral marketing, virtual office, virtualization, Walmart, Wavemaker, Web 2.0, web 2.0, web analytics, web content management, web services, webtop, widget, wiki, Windows Azure, Wolf Frameworks, work 2.0, Workday, WorkLight, World of Warcraft, Xceliant, Xing, Yahoo!, Yakabod, ZapThink, Zuberance,

Blogs

ADVERTISEMENT