In a lot of ways, the privacy and security issues with cloud computing parallel those found with the open source and SaaS models, which is why it doesn’t surprise me to see that the FTC is looking into what rights federal regulators and customers would have to seize or transfer information out of “the cloud.”
But at the core of this argument, I once again see customer choice and freedom as being one of the cornerstones of resolution. If a customer doesn’t feel their data is secure in Amazon’s or Google’s products, what should prohibit them from transferring that data elsewhere? As cloud computing continues cultivate within the technology market, there will be more and more options to choice from, and that will only mean good things for customers.
And just like the open source market did with code distribution, cloud computing would benefit immeasurably from a set of standards that laid the groundwork for data security. For example, if a business is leveraging Amazon’s cloud offerings to launch new applications, who is responsible for the security? Ultimately it should be the customer company, but what set of standards already exist that define such a relationship between a cloud vendor and its customers that aren’t determined on a vendor-by-vendor or relationship-by-relationship basis?
In the long run, I think it will boil down to industry-accepted standards, driven by the customers and choice, that will enable businesses to more accurately navigate the manner in which vendors host and secure their applications and accompanying data.