Feeds

Fed watchdog barks at cloud security

Consumers might get bitten

Secure remote control for conventional and virtual desktops

The US federal consumer protection watchdog is barking at security and privacy risks posed by cloud computing.

With ever-more products and services asking users to upload personal and sensitive information to centralized online servers in the nebulous (but trendy) notion of "the cloud," the US Federal Trade Commission is pondering whether further steps are needed to protect consumer privacy.

In a letter (PDF) sent to the Federal Communications Commission in December, first uncovered by The Hill, the FTC has outlined some of its specific concerns about the cloud services.

A primary issue raised is that many consumers aren't actually aware of the data security risk involved. "For example, the ability of cloud computing services to collect and centrally store increasing amounts of consumer data, combined with the ease with which such centrally stored data may be shared with others, create a risk that larger amounts of data may be used by entities in ways not originally intended or understood by consumers," the FTC letter states.

The letter continues that the FTC's consumer protection efforts have included close scrutiny on how cloud services handle authentication and credentialing. The agency boasts that it had "encouraged" businesses to strengthen their authentication methods in a report on Social Security numbers back in 2008, and additionally sicced its lawyers on some particularly lax firms to get their authentication procedures up to snuff.

The FTC is also hosting public roundtable discussions on the issue. The first, held in December 2009, considered consumer exceptions of privacy relating to online and offline data collection by advertisers and information brokers. The next will be held on January 28, 2010, and focus on how technology affects consumer privacy and will include specific discussions on cloud computing, identity management, mobile computing, and social networking.

The agency's missive was sent to the FCC, which is currently working on a national broadband plan to be submitted to US Congress in February. The letter is a response to the FCC's notice of inquiry into how broadband issues relate to cloud computing and privacy.

"We believe that strong privacy and data security protections for consumers are critical as the FCC considers technologies such as cloud computing and identity management in implementing a national broadband plan," it states.

And because hey - everyone loves a pat on the back - it also "recommended" the FCC's Broadband Plan include a piece where it will recognize the FTC's law enforcement and consumer eduction efforts over online consumer protection. ®

New hybrid storage solutions

More from The Register

next story
Hey, Scots. Microsoft's Bing thinks you'll vote NO to independence
World's top Google-finding website calls it for the UK
Phones 4u slips into administration after EE cuts ties with Brit mobe retailer
More than 5,500 jobs could be axed if rescue mission fails
Apple CEO Tim Cook: TV is TERRIBLE and stuck in the 1970s
The iKing thinks telly is far too fiddly and ugly – basically, iTunes
Huawei ditches new Windows Phone mobe plans, blames poor sales
Giganto mobe firm slams door shut on Microsoft. OH DEAR
Phones 4u website DIES as wounded mobe retailer struggles to stay above water
Founder blames 'ruthless network partners' for implosion
Found inside ISIS terror chap's laptop: CELINE DION tunes
REPORT: Stash of terrorist material found in Syria Dell box
OECD lashes out at tax avoiding globocorps' location-flipping antics
You hear that, Amazon, Google, Microsoft et al?
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Security and trust: The backbone of doing business over the internet
Explores the current state of website security and the contributions Symantec is making to help organizations protect critical data and build trust with customers.