With the proliferation of SaaS business productivity platforms last year, there came many debates about the security issues cloud computing may raise. Or rather, there were many tech pundits stating that the growing popularity of cloud computing led to sophisticated and safe applications, and therefore cloud security issues were a moot point. Earlier this week, the Federal Trade Commission announced they wanted to examine the issue for themselves, and will be holding a roundtable at the end of this month to discuss potential privacy problems; roundtable participants will include industry stakeholders.
In terms of business productivity software providers, vendors big and small—from Salesforce.com to Zoho to Microsoft—could be affected by the FTC’s findings. What the FTC is intending to find, however, is another question. Alex Williams at ReadWriteWeb is right to point out that the Commission’s inquiry might be poorly met, given that there are still debates about defining “cloud computing.”
The roundtable will be the second the FTC has held to discuss online privacy, and the inquiry stems from a letter written by FTC Director of Bureau Consumer Protection, David Vladeck, to the Federal Communications Commission, requesting a comment on a national broadband plan the FCC is drawing up. Vladeck’s letter asked that the FCC pay attention to cloud computing and identity management in during broadband development. Tech bloggers are right to point out that in the letter (which can be found on The Hill blog), Vladeck acknowledges the cost efficiency of cloud computing; the roundtable stems from concerns about the security issues raised by “storage of data on remote computers.”
The FTC’s obvious aim is to protect consumer privacy, but it’s unclear what exactly the result of this roundtable will be. Remote storage predates the term “cloud computing,” and even though privacy questions have been raised, the number of cloud computing applications is growing rapidly. Groups like the Electronic Privacy Information Center, and the Center for Digital Democracy, are asking the FTC to issue Fair Information Principles for the Internet rather than looking to industry privacy self-regulation, but it seems unlikely at this point that the FTC will desist.
It’s even more uncertain what the implications for business software will be. Most companies who’ve selected SaaS solutions have done so wisely, and after much research—because that is what we do in the internet age—and many companies that are apprehensive about an entirely cloud-based solution have chosen SaaS hybrid models. For those enterprise software buyers concerned, potential cloud security issues are not news, so I’m curious to see what the roundtable will determine for the business software market.
What do you think?