"Government enforcement will play a critical role in stopping and deterring attacks on the cloud, but only if Congress adapts the law to new security challenges," Smith said. "Currently, it is sometimes difficult for federal prosecutors to establish the monetary thresholds needed to impose felony penalties. In addition, Congress should amend the CFAA to increase the level of fines levied against hacking into a datacenter."
Furthermore, Microsoft is also looking for the government to adopt "truth in cloud computing" legislation that would require cloud providers to provide consumers with deeper information about the cybersecurity measures they take, including how their information will be stored, accessed, and used by service providers and whether the provider's treatment of the data meets certain standards.
Finally, Microsoft wants Congress to give the President proper tools to allow the executive branch to work with foreign governments to develop international data access frameworks to simplify and reconcile what's currently a messy array of laws that differ substantially among countries.
Smith cited a survey commissioned by Microsoft to back up his suggestions. The survey found that although 58% of the general population and 86% of business leaders are "excited about the potential of cloud computing," more than 90% express concerns about privacy, access and security of data in the cloud and more than 50% are in favor of laws to regulate cloud computing.