Study: Regulatory Overreach Threatens Cloud Computing Future

Published May 31, 2016

A report from the Technology Policy Institute says although cloud computing is growing quickly, regulatory overreach such as privacy and network neutrality rules present serious threats to an industry still in its infancy.

“Cloud computing holds considerable promise as a transformative technology that can change the very nature of computing,” says Christopher Yoo, author of the TPI study on “Cloud Computing: Architectural and Policy Implications,” released in February. “Assessing its relative merits requires a clear understanding of its key concepts and its underlying economics.”

Yoo concludes the future reliability, efficiency, and security of cloud computing networks, data centers, and routers requires “operational support for controlling and verifying the routes that particular traffic takes as well as for setting and changing prices. Satisfying these new demands will require major changes to the architecture, both in terms of access networking and in terms of data center connectivity. It also implicates important questions of public policy.”

Privacy Concerns
Andrew B. Serwin, chairman of the privacy, security, and information management practice at the San Diego, California-based law firm of Foley & Lardner LLP, notes more telecom companies are entering the cloud services sector, and he warns the FCC may assert its authority to regulate telecom companies in areas where the agency has no jurisdiction.

“In the cloud, everything that was old is now new,” Serwin said. “The issue is that all of the current [telecom] laws deal with wired communications. The FCC is trying to have jurisdiction over the pipe—the ISPs, but I don’t think they can have jurisdiction over the cloud providers if they’re not telecom companies.”

Serwin also cites data privacy as a major concern. He notes the government could subpoena data corresponding to an individual from a cloud service provider far easier than it can legally access that information when stored on a personal computer. Also yet to be addressed are international data transfer and the legal compliance obligations associated with such transfers, Serwin says.

‘Telephone-Style Regulations’
Yoo identifies the current regulatory uncertainty as a threat to the cloud computing industry. Specifically, he says network neutrality rules adopted by the Federal Communications Commission last December will suppress investment and innovations.  

“Cloud computing presumes that providers will provide guaranteed levels of quality of service and offer different levels of reliability, and that people will pay for these services,” Yoo writes. “In order to deliver these services, network providers will have to establish redundant connections and use sophisticated network management techniques to implement routing policies that guarantee that the network can satisfy the demands of cloud computing users. To the extent that customers’ needs vary, one would expect some customers to pay a premium for higher levels of reliability and network services.”

Yoo continues, “Some cloud computing providers report that being subject to telephone-style regulation has led them to forgo providing their own data center interconnections and [instead] to outsource those services.”

Christopher Cook, general partner at Atlanta, Georgia-based Vale, Duval and Chambers, consultants specializing in business continuity services with specialties in technology advisement, strategic business operations, and strategic implementation, agrees net neutrality is the biggest policy issue threatening further development of cloud computing.

“If net neutrality passes, it will serve as an attenuator on bandwidth and on network infrastructure,” Cook said. “The FCC should foster an industry-based solution rather than a regulation-based solution.”

Phil Britt ([email protected]) writes from South Holland, Illinois.

On the Internet

“Cloud Computing: Architectural and Policy Implications,” Christopher Yoo, Technology Policy Institute, February 2011: