Today, SIIA released an authoritative guide to cloud computing for policymakers. The white paper provides a roadmap for fostering the development of the cloud and harnessing its full economic potential.
Cloud computing doesn’t require legislation or regulation in order to safely and rapidly grow. In fact, cloud-specific regulations could impede the industry from realizing its full potential as a key economic engine. Policymakers should join with industry to foster best practices and see that they are properly enforced.
Cloud computing already provides a favorable environment for applying many security measures, it provides a strong engine for growth across businesses and regions around the world, and it can lead to greater choice and lower prices for consumers. SIIA encourages policymakers to promote open standards for software and data interoperability and embrace a global approach that allows for the unrestricted transfer of data across borders.
In order to reap the full economic benefits of cloud computing, policymakers should:
1. Avoid cloud-specific rules and policies, in favor of policies that apply broadly to a wide range of technologies and services, and those that maintain a level playing field for cloud computing and all approaches to remote computing and data storage.
2. Promote open standards for software and data interoperability and avoid policies that would favor one particular business model or technology over another.
3. Promote policies that allow to the greatest extent possible, unrestricted transfer of data across borders.
4. Encourage rules governing data to travel with the data in order to adequately recognize varying jurisdictional requirements, and ensure data subjects do not lose protection when their data is stored and processed in the cloud, or in any remote computing environment.
5. Avoid localization mandates, or any policies that would give preference to data processors using only local facilities or operating locally.
6. Seek interoperable privacy regimes in which countries recognize each other’s privacy rules to the greatest extent possible.
7. Embrace a global approach to cybersecurity that recognizes the global nature of interconnected systems and provides for data to be protected regardless of where it is located, and that seeks international consensus standards that avoid fragmented, unpredictable national requirements.
View the full report, or get the highlights in the executive summary.