Privacy, Security Seen Critical in Data Portability, Cloud Computing
Data portability and cloud computing bring new challenges to privacy and security, groups said in comments at the FCC on a National Broadband Plan public notice about data portability and cloud computing and their implications on broadband.
Sign up for a free preview to unlock the rest of this article
Timely, relevant coverage of court proceedings and agency rulings involving tariffs, classification, valuation, origin and antidumping and countervailing duties. Each day, Trade Law Daily subscribers receive a daily headline email, in-depth PDF edition and access to all relevant documents via our trade law source document library and website.
Strong privacy and data security protections are essential as the FCC considers technologies like cloud computing and identity management in implementing a National Broadband Plan, the Federal Trade Commission said. The FTC is considering cloud computing and identity management as part of a broader initiative to reexamine various models to promote consumer privacy, it said.
Qwest urged the FCC to limit its engagement in cloud computing to information gathering and consulting with other agencies (like the Federal Trade Commission and Department of Commerce) and standards bodies, saying clouding computing is still an emerging technology. Regulations that prematurely influence technology or that pre-judge policy issues should be avoided, the company said. Now is not the time for prescriptive regulations, Qwest said. It proposed an intra-agency approach: Appointing one federal regulatory body as having the leadership role in tackling the matter.
AT&T hopes the Commission promotes industry-wide dialogue on the policy issues that cloud providers should address, it said. Policies that would inhibit the development of cloud computing should be avoided, said AT&T. But any regulations that would limit carrier cloud computing services must apply equally to all cloud providers, including Google, Microsoft, Amazon and Yahoo, AT&T said. The technology also brings new challenges in areas like privacy and security because the data isn’t under the direct control of the user and cloud resources, whether processing or storage, aren’t restricted by national boundaries, AT&T said. International privacy norms, data protection laws and rules regarding government access vary widely and process and standards for reconciling conflicting requirements are incomplete and evolving, AT&T said. But that could be an opportunity for the U.S. to take the lead globally by promoting the development of responsible business practices that address policy concerns, it said.
Readying data sets will require, prior to release, checking that they don’t contain personally identifiable, sensitive or other information that could be used to link the released data to individuals, the Center for Democracy & Technology warned. Additionally, the National Broadband Plan should address the privacy implications of identity management systems used to provide personalized service online, it said. CDT also supports government use of third- party identity providers to avoid the creation of a centralized national ID database or system of linked databases. Meanwhile, having different levels of authentication credential options, ranging from anonymity to full identity, with pseudonymity as a key intermediate option, is important for protection of privacy and security, CDT said. It’s also imperative that federal data be made available via a variety of open standards and open source formats, said the Data Portability Project.