IT Performance Improvement
Privacy and Its Relation to Cloud-Based Information Systems
Information privacy or data privacy is the relationship between collection and dissemination of data, technology, the public expectation of privacy, and the legal issues surrounding them. The challenge in data privacy is to share data while protecting personally identifiable information. The fields of data security and information security design and utilize software, hardware, and human resources to address this issue. The ability to control what information one reveals about oneself over the Internet, and who can access that information, has become a growing concern. These concerns include whether email can be stored or read by third parties without consent, or whether third parties can track the web sites someone has visited. Another concern is whether web sites which are visited collect, store, and possibly share personally identifiable information about users. Personally identifiable information (PII), as used in information security, refers to information that can be used to uniquely identify, contact, or locate a single person or can be used with other sources to uniquely identify a single individual.
Privacy is an important business issue focused on ensuring that personal data is protected from unauthorized and inappropriate collection, use, and disclosure, ultimately preventing the loss of customer trust and inappropriate fraudulent activity such as identity theft, email spamming, and phishing. According to the results of the Ponemon Institute and TRUSTe's 2008 Most Trusted Companies for Privacy Survey, privacy is a key market differentiator in today's cyberworld. "Consumer perceptions are not superficial, but are in fact the result of diligent and successful execution of thoughtful privacy strategies," said Dr. Larry Ponemon, chairman and founder of the Ponemon Institute. "Consumers want to do business with brands they believe they can trust."
Adhering to privacy best practices is simply good business but is typically ensured by legal requirements. Many countries have enacted laws to protect individuals' right to have their privacy respected, such as Canada's Personal Information Protection and Electronic Documents Act (PIPEDA), the European Commission's directive on data privacy, the Swiss Federal Data Protection Act (DPA), and the Swiss Federal Data Protection Ordinance. In the United States, individuals' right to privacy is also protected by business-sector regulatory requirements such as the Health Insurance Portability and Accountability Act (HIPAA), the Gramm-Leach-Bliley Act (GLBA), and the FCC Customer Proprietary Network Information (CPNI) rules.
Customer information may be "user data" or "personal data." User data is information collected from a customer, including:
- Any data that is collected directly from a customer; e.g., entered by the customer via an application's user interface
- Any data about a customer that is gathered indirectly; e.g., metadata in documents
- Any data about a customer's usage behavior; e.g., logs or history
- Any data relating to a customer's system; e.g., system configuration, IP address
Personal data, sometimes also called PII, is any piece of data that can potentially be used to uniquely identify, contact, or locate a single person or can be used with other sources to uniquely identify a single individual. Not all customer/user data collected by a company is personal data. Examples of personal data include:
- Contact information (name, email address, phone, postal address)
- Forms of identification such as Social Security number, driver's license, passport, and fingerprints
- Demographic information such as age, gender, ethnicity, religious affiliation, sexual orientation, or criminal record
- Occupational information such as job title, company name, or industry
- Health care information such as plans, providers, history, insurance, or genetic information
- Financial information such as bank and credit/debit card account numbers, purchase history, and credit records
- Online activity including IP address, cookies, flash cookies, and log-in credentials
A subset of personal data is defined as sensitive and requires a greater level of controlled collection, use, disclosure, and protection. Sensitive data includes some forms of identification such as Social Security number, some demographic information, and information that can be used to gain access to financial accounts, such as credit or debit card numbers and account numbers in combination with any required security code, access code, or password. Finally, it is important to understand that user data may also be personal data.
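The three tiers above (user data, personal data, sensitive data) can be applied mechanically to a record's fields. The following is an added example, not code from the article; the field names and the choice of which demographic fields count as sensitive are assumptions made for illustration.

```python
# Added example (not from the article): classify the fields of a customer record
# into the article's three tiers: user data, personal data, and sensitive data.
# Field names are assumptions for illustration; real schemas differ.

# Personal data per the article's list (contact, occupational, online activity, finance).
PERSONAL_FIELDS = {
    "name", "email", "phone", "postal_address", "job_title", "company",
    "ip_address", "cookie_id", "password", "purchase_history", "health_plan",
}
# Identification the article names as sensitive on its own.
SENSITIVE_IDENTIFIERS = {"ssn", "drivers_license", "passport_number", "fingerprint"}
# Assumption: these are the "some demographic information" treated as sensitive.
SENSITIVE_DEMOGRAPHICS = {"religion", "sexual_orientation", "criminal_record"}
# Financial account numbers are personal data; they become sensitive only when
# stored together with a required security code, access code, or password.
ACCOUNT_NUMBERS = {"bank_account", "card_number"}
ACCESS_SECRETS = {"cvv", "pin", "access_code", "password"}


def classify(record: dict) -> dict:
    """Return the field names of `record` in each tier.

    Every field is user data; a subset is personal; a subset of that is sensitive.
    """
    fields = set(record)
    sensitive = fields & (SENSITIVE_IDENTIFIERS | SENSITIVE_DEMOGRAPHICS)
    accounts, secrets = fields & ACCOUNT_NUMBERS, fields & ACCESS_SECRETS
    if accounts and secrets:
        # Combination rule: the account number and the secret that unlocks it.
        sensitive |= accounts | secrets
    personal = (fields & PERSONAL_FIELDS) | accounts | sensitive
    return {"user": fields, "personal": personal, "sensitive": sensitive}


def highest_tier(record: dict) -> str:
    """Tier that governs handling of the whole record (strictest field wins)."""
    tiers = classify(record)
    if tiers["sensitive"]:
        return "sensitive"
    if tiers["personal"]:
        return "personal"
    return "user"


if __name__ == "__main__":
    # Constructed sample record: a checkout form plus a system field.
    checkout = {"name": "A. Customer", "card_number": "4111-xxxx", "cvv": "123", "os_version": "11"}
    print(highest_tier(checkout), sorted(classify(checkout)["sensitive"]))
    # → sensitive ['card_number', 'cvv']
    print(highest_tier({"os_version": "11", "ip_address": "192.0.2.10"}))  # → personal
```

Note that a card number stored without its security code stays in the personal tier, which is exactly the distinction the combination rule draws.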
1. Privacy Risks and the Cloud
Cloud computing has significant implications for the privacy of personal information as well as for the confidentiality of business and governmental information. Any information stored locally on a computer can be stored in a cloud, including email, word processing documents, spreadsheets, videos, health records, photographs, tax or other financial information, business plans, PowerPoint presentations, accounting information, advertising campaigns, sales numbers, appointment calendars, address books, and more.
The entire contents of a user's storage device may be stored with a single cloud provider or with many cloud providers. Whenever an individual, a business, a government agency, or other entity shares information in the cloud, privacy or confidentiality questions may arise.
2. Protecting Privacy Information
The Federal Trade Commission is educating consumers and businesses about the importance of personal information privacy, including the security of personal information. Under the FTC Act, the Commission guards against unfairness and deception by enforcing companies' privacy promises about how they collect, use, and secure consumers' personal information.
The FTC publishes a guide that is a great educational tool for consumers and businesses alike, titled "Protecting Personal Information: A Guide for Business." In general, the basics for protecting data privacy are as follows, whether in a virtualized environment, the cloud, or on a static machine:
- Collection: You should have a valid business purpose for developing applications and implementing systems that collect, use or transmit personal data.
- Notice: There should be a clear statement to the data owner of a company's or provider's intended collection, use, retention, disclosure, transfer, and protection of personal data.
- Choice and consent: The data owner must provide clear and unambiguous consent to the collection, use, retention, disclosure, and protection of personal data.
- Use: Once it is collected, personal data must only be used, including transfers to third parties, in accordance with the valid business purpose and as stated in the Notice.
- Security: Appropriate security measures (e.g., encryption) must be in place to ensure the confidentiality, integrity, and authentication of personal data during transfer, storage, and use.
- Access: Personal data must be available to the owner for review and update. Access to personal data must be restricted to relevant and authorized personnel.
- Retention: A process must be in place to ensure that personal data is only retained for the period necessary to accomplish the intended business purpose or that which is required by law.
- Disposal: The personal data must be disposed of in a secure and appropriate manner; e.g., using encryption, disk erasure, or paper shredders.
Particular attention to the privacy of personal information should be paid in a SaaS and managed services environment when (1) transferring personally identifiable information to and from a customer's system, (2) storing personal information on the customer's system, (3) transferring anonymous data from the customer's system, (4) installing software on a customer's system, (5) storing and processing user data at the company, and (6) deploying servers. There should be an emphasis on notice and consent, data security and integrity, and enterprise control for each of the events above as appropriate.
3. The Future of Privacy in the Cloud
There has been a good deal of public discussion of the technical architecture of cloud computing and the business models that could support it; however, the debate about the legal and policy issues regarding privacy and confidentiality raised by cloud computing has not kept pace. A report titled "Privacy in the Clouds: Risks to Privacy and Confidentiality from Cloud Computing," prepared by Robert Gellman for the World Privacy Forum, provides the following observations on the future of policy and confidentiality in the cloud computing environment:
- Responses to the privacy and confidentiality risks of cloud computing include better policies and practices by cloud providers, more vigilance by users, and changes to laws.
- The cloud computing industry could establish standards that would help users to analyze the difference between cloud providers and to assess the risks that users face.
- Users should pay more attention to the consequences of using a cloud provider and, especially, to the provider's terms of service.
- For those risks not addressable solely through policies and practices, changes in laws may be needed.
- Users of cloud providers would benefit from greater transparency about the risks and consequences of cloud computing, from fairer and more standard terms, and from better legal protections. The cloud computing industry would also benefit.