Microsoft pushes 'cloud computing' act

Microsoft executives were on Capitol Hill Wednesday to publicize a new bill it is proposing to update privacy and security laws for one of Washington’s biggest buzzwords: cloud computing.
 
Although most people have never even heard of it, the government and consumers are increasingly using the technology on a daily basis. Cloud computing refers to storing documents, email and photos on remote servers run by Google or Microsoft, and people can access that data through the Internet. If you have a Gmail or Hotmail account, you’re a cloud computing customer.
 
But there are still big privacy and security concerns with the technology. The government is especially concerned with protecting sensitive or even classified information in a “cloud” that could be vulnerable to hackers.

 
So Microsoft’s general counsel Brad Smith, and the company’s team of lobbyists, is pushing the "Cloud Computing Advancement Act" to modify out-dated laws governing digital communications. The ideas would have to be addressed by the Commerce and Judiciary committees in both chambers.
 
“We need new action by Congress to modernize laws and fill in the gaps,” Smith said Wednesday at the Brookings Institution. “The government plays a key role in moving the law forward to keep pace with new technologies.”
 
While all the major companies offering “cloud” services—Google, Amazon, IBM and Salesforce—have talked about the need for tighter security safeguards, Microsoft is the first to outline legislative recommendations.
 
Specifically, Smith is proposing reforming the Electronic Communications Privacy Act, which was passed before the Internet became widespread, and the Computer Fraud and Abuse Act to go after cyber criminals.
 
For example, he said Congress needs to increase the fines for hacking into a data center, which stores data for hundreds of thousands of people. Under current law, the fine would be no more severe than for someone hacking into a single computer.
 
Congress needs to enact “truth in cloud computing” principles, similar to the Truth in Lending principles in place for the financial sector, Smith said.
 
Microsoft’s proposed legislation would also start negotiations with other countries to work out global data protection laws. The need for an international agreement on data was underscored last week when Google said it was the victim of cyber attacks targeting human rights activists’ personal information stored on its servers.
 
While lawmakers and the White House have supported Google’s threat to leave China altogether, Smith said Microsoft has no plans of leaving the country.
 
“We need a free trade agreement for data,” he said, acknowledging the hurdles in reaching a “cloud computing treaty.”
 
“Just because we realize it could take a decade to achieve it doesn’t mean we should wait a decade to take the first step,” Smith said in an interview.