ACMA calls for clear-headed thinking on cloud regulation

  • What is the Cloud?
  • How can it be abused?
  • The bricks and mortar behind the Cloud

                              

 

A report from the Australian Communications and Media Authority, a regulator, has outlined how it proposes to regulate data shared over ‘the cloud’. Specifically, the paper calls for simple and direct regulation on an industry that is already confusing enough for the average consumer.

Cloud Computing

Cloud Computing is a blanket term to cover a host of services, but the main thrust is that it concerns remotely stored material. Rather than storing documents, videos and contacts as a file on your PC, you upload them to a service that stores them for you. The benefit is that your documents are available from anywhere with a web connection, and that your documents are backed up to a secure location.

The term ‘cloud’ makes the whole thing sound a little magical, like there’s some heavenly ether that our documents are stored in. Of course, that’s nonsense; the real cloud is massive data centres located in cold climates around the world. Most of it is in the US, but Australia runs and operates several data farms.

Safety

Apart from concerns over having sensitive and personal info accessible from anywhere and with only minimum security (ie. passwords), there’s also questions over putting all the eggs in one basket. A data centre going down means BAD things. On a micro level, it means losing precious memories and important legal documents. For a big company, it means everyone losing their jobs and insurance claims going kaput, medical records disappearing, financial instruments ruined and so on. Duplicating everything is a band-aid; it means your info is out there in more locations, and there’s never enough locations to make EVERYTHING safe. It would be a big coincidence if two mirrored data centres went down at the same time, but it’s definitely not impossible.

So the regulator has a task in making sure not only that data is secure from prying eyes, but also in guaranteeing some minimum standards in keeping everyone’s data from being destroyed.

Governance

The paper mentions as a chief priority "confidence in overarching global governance structures that support digital data in the cloud". This has become more relevant with the recent revelations about PRISM, the US Intelligence Community's overarching project to monitor private communications of all stripes. How the Australian regulator hopes to incorporate these concerns (Australians go through US web servers all the time, en route to US hosted content) into their domestic strategy is unclear at this stage.

Standardization

Most of the paper concerns standardization. Guaranteeing that Australian operators utilize common protocols in storing, accessing and sharing cloud-based data and services will be the main goal for ACMA, in no small part to discourage a data centre from gaining business, and then turning around and locking in a client with a unique, proprietary standard that restricts the client to their ecosystem.

For more details, the paper can be accessed here.

ISP based Cloud Services

Optus (1300 192 947) and Telstra both offer services to store important documents as part of their suite of broadband products. But for those not looking to lock themselves into the Big Two, Dropbox, Google Drive and iCloud are the most popular solutions. Small businesses might want to look into Internode's Disaster Recovery Service.