FTC Examining Cloud Computing
The agency wants its findings to be considered as the FCC formulates a National Broadband Plan.
In response to a Federal Communication Commission (FCC) Notice of Inquiry into how broadband and data portability issues relate to cloud computing, identity and privacy -- part of the FCC's effort to formulate a National Broadband Plan -- the Federal Trade Commission (FTC) said last month that it is examining the privacy and data security implications of cloud computing for consumers.
"[T]he ability of cloud computing services to collect and centrally store increasing amounts of consumer data, combined with the ease with which such centrally stored data may be shared with others, create a risk that larger amounts of data may be used by entities in ways not originally intended or understood by consumers," wrote FTC attorney David C. Vladeck in a letter to FCC Secretary Marlene H. Dortch.
More Government Insights
- Building a Hybrid Cloud in Government: It's not that Complicated
- Secure Access: Next Steps In Identity Management
- Best Practices Guide for IT Governance & Compliance
- Bloomberg BusinessWeek Agility for Differentiation
Protecting consumer privacy has been one of the FTC's highest priorities for more than a decade, said Vladeck, noting that the agency has brought over two dozen legal actions since 2001 against businesses that failed to adequately protect consumer privacy.
The FTC's consumer protection efforts also include scrutiny of authentication and credentialing. The agency has pushed businesses to strengthen the methods they use to authenticate new and existing customers. The agency won a settlement of over $10 million in civil penalties and $5 million in consumer redress from ChoicePoint in 2006 for poor data handling following a breach that affected over 163,000 consumer records.
Vladeck's letter states that many of the FCC's concerns will be addressed in a series of roundtable discussions that are being hosted by the FTC. The first of those discussions, covering behavioral advertising, was held last month. The next roundtable discussion will be held on January 28, 2010, focusing on how technology affects consumer privacy. The final roundtable discussion is planned for March 17, 2010.
The letter appears to be a reminder to the FCC, as it comes up with a broadband framework for the U.S., to save a place at the table for the FTC. "[W]e recommend that the Broadband Plan recognize the FTC's law enforcement, consumer education, and ongoing policy development efforts in light of its years of experience in online, and offline, consumer protection," Vladeck's letter says.
The FCC is supposed to deliver its broadband plan to Congress by Feb. 17, 2010.
Data is a company's most important asset, yet it's also the easiest to lose. In our new report, you'll find out where sensitive data is going unencrypted and what's holding IT back from adopting encryption end to end. Download the report here (registration required).