TY - GEN
T1 - Privacy in the cloud
T2 - 2011 Workshop on Governance of Technology, Information, and Policies, GTIP'11
AU - Bashir, Masooda N
AU - Kesan, Jay P
AU - Hayes, Carol M.
AU - Zielinski, Robert
PY - 2011
Y1 - 2011
N2 - Human life today has become entangled in the Internet. We access e-mail, store content, and use services online without a thought as to where data reside or how data are protected. The "cloud," a conceptualization of how data reside on the Internet rather than locally, is the latest technological innovation or computing trend du jour. However, many concerns surrounding cloud computing remain unaddressed. How are the data we store online kept confidential? Who else has the right to access our private information? What kind of laws and policies offer us protection? We begin by evaluating the current situation by examining the Terms of Service (ToS) agreements and privacy policies from well-known cloud providers, and we describe the types of privacy protections (or lack thereof) that they offer. We conclude that a contractarian approach to privacy protection is likely to lead to a situation in which consumers end up trading their privacy without being well-informed about the implications and consequences of their choices. Next, we examine whether the applicable laws are adequate to protect the privacy of consumers in the cloud. We discuss privacy protections in the cloud by considering the Fourth Amendment, the Stored Communications Act, the Federal Information Security Management Act, and the USA PATRIOT Act, and we conclude that they are inadequate in according a minimum level of privacy to consumers in the cloud, setting the stage for a vigorous study of the form and substance of cloud computing-centric privacy legislation.
AB - Human life today has become entangled in the Internet. We access e-mail, store content, and use services online without a thought as to where data reside or how data are protected. The "cloud," a conceptualization of how data reside on the Internet rather than locally, is the latest technological innovation or computing trend du jour. However, many concerns surrounding cloud computing remain unaddressed. How are the data we store online kept confidential? Who else has the right to access our private information? What kind of laws and policies offer us protection? We begin by evaluating the current situation by examining the Terms of Service (ToS) agreements and privacy policies from well-known cloud providers, and we describe the types of privacy protections (or lack thereof) that they offer. We conclude that a contractarian approach to privacy protection is likely to lead to a situation in which consumers end up trading their privacy without being well-informed about the implications and consequences of their choices. Next, we examine whether the applicable laws are adequate to protect the privacy of consumers in the cloud. We discuss privacy protections in the cloud by considering the Fourth Amendment, the Stored Communications Act, the Federal Information Security Management Act, and the USA PATRIOT Act, and we conclude that they are inadequate in according a minimum level of privacy to consumers in the cloud, setting the stage for a vigorous study of the form and substance of cloud computing-centric privacy legislation.
KW - cloud computing
KW - cloud computing contracts
KW - legal aspects
KW - privacy
UR - http://www.scopus.com/inward/record.url?scp=84855337636&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84855337636&partnerID=8YFLogxK
U2 - 10.1145/2076496.2076499
DO - 10.1145/2076496.2076499
M3 - Conference contribution
AN - SCOPUS:84855337636
SN - 9781450310826
T3 - ACM International Conference Proceeding Series
SP - 21
EP - 27
BT - Proceedings of the 2011 Workshop on Governance of Technology, Information, and Policies, GTIP'11
Y2 - 6 November 2011 through 6 November 2011
ER -