Cloud Computing Privacy Concerns

Privacy Concerns with Storing Organizational Data in the Cloud
The Security Pros and Cons of Cloud Computing
Drawing on the observation provided by Kesan, Hayes, and Bashir that, “[T]he market forces peering into private lives may not be doing so with malicious intentions, but the corresponding decrease in consumer control of their personal information is nonetheless harmful” (p. 471), the purpose of this paper is to explain why this statement is accurate. To this end, an analysis of the benefits as well as the compliance risk concerns that are associated with the storage of organizations’ data in the cloud is followed by a discussion concerning the balance between efficiency and deprioritizing privacy concerns, and an analysis about whether additional regulatory intervention is necessary.
Review and Analysis
The balance between efficiency and deprioritizing of privacy
There is a cost-benefit analysis involved with determining the precise balance between efficiency and the need for privacy in organizations of any size and type. For example, the security protocols that are used by companies to protect their organizational data exist along a very lengthy continuum that ranges from the Fort Knox-level security that is used to protect the formula for Coca-Cola which is known only to a few select individuals and the written version kept under strict lock-and-key to open source applications that are accessible by all. Against this backdrop, it is clear that every opportunity to improve the efficiency of data processing operations in the cloud carries a corresponding privacy risk. For example, according to Coss and Dhillion (2020), “The advantages of cloud computing, such as the ability to easily scale to meet growing technology needs, increase data storage capacity, and share services in a dynamic environment, also increase the risk to the protection of information privacy” (p. 81).
One of the keys to optimizing the balance between efficiency and data security in the cloud is to avoid the tendency to “jump on the cloud bandwagon” and taking the plunge without taking into account the multiple privacy concerns that this type of initiative entails. In this regard, Coss and Dhillon (2020).caution that, “Organizations inadvertently overlook the related considerations of governance, audit, and assurance when they rush to adopt cloud computing services” (p. 79). In reality, though, even organizations that perform their due diligence prior to making the transition to the cloud are also confronted with numerous privacy issues that relate to individuals and corporate proprietary rights to privacy. As Coss and Dhillion (2020) point out, “Rapid advancements in technologies have not been matched by development of ethical guidelines for their utilization fast enough to maintain a proper balance between technology and individual rights, including privacy” (p. 80).
Is more regulatory intervention necessary?
While it is tempting to resist any additional regulatory intervention on the part of the U.S. government, especially when it comes to the free flow of data on the Internet, some authorities are calling for just such action in response to a recent decision by the European Union’s Court of Justice (CJEU) which struck down a proposed data transfer framework known as “Privacy Shield.” The essence of this decision was to send a clear message to American lawmakers to “get on and do the job of intervening to stop people’s data flowing to third countries where it’s at risk” (Lomas, 2020, para. 5). In sum, the cloud computing environment remains vulnerable to a wide array of privacy threats that must be taken into account when using the cloud for data storage and analyses applications.
Conclusion
The research was consistent in showing that there are a number of benefits that are associated with cloud computing, including the scalability to meet changing needs and virtually limitless data storage capacity. The research also showed, though, that these same benefits introduce a number of corresponding privacy considerations and concerns which remain the focus of ongoing scholarship and legal analysis. The recent decision by the CJEU also underscores the need for additional intervention on the part of U.S. lawmakers to help enhance the nation’s data security infrastructure.
References
Coss, D. L. & Dhillon, G. (2020, Summer). A framework for auditing and strategizing to ensure cloud privacy. Journal of Information Systems, 34(2), 79-83.
Lomas, N. (2020, July 17). Legal clouds gather over U.S. cloud services after CJEU ruling. TechCrunch. Retrieved from https://techcrunch.com/2020/07/17/clouds-gather-over-us-cloud-services-after-cjeu-ruling/.