Modernizing Authentication — What It Takes to Transform Secure Access
Online privacy has been a growing concern for businesses, consumers and policymakers for more than a decade, and one that's becoming even more pressing as users migrate to cloud computing and adopt social networking for communicating with friends and colleagues.
As a result of the explosion in new models for storing and sharing corporate, personal and financial data, the industry needs to take steps to ensure comprehensive accountability, the head of Microsoft's privacy efforts said Tuesday.
"People care very, very deeply about privacy," Peter Cullen, Microsoft's (NASDAQ: MSFT) chief privacy strategist, said in his opening keynote for the Computers, Freedom and Privacy (CFP) conference in San Jose, Calif. "For privacy professionals, the cloud represents the latest evidence that technology will likely always outpace policy. For instance, the data aggregation enabled by the cloud not only creates rich targets for bad guys, but also heightens a range of privacy and jurisdictional issues."
"To Microsoft, accountability is not just an important concept in this world of exponentially growing data flows," he said. "It is a critical governance principle that organizations need to live by."https://o1.qnsr.com/log/p.gif?;n=203;c=204634421;s=15939;x=7936;f=201702151714490;u=j;z=TIMESTAMP;a=20304455;e=i
Hardly a week goes by without yet another example of some company's privacy missteps, whether it's recent issues regarding Facebook's data-sharing options and practices, Google Buzz and Street View, or AT&T and the Apple iPad.
"A perceived lack of accountability is what has frustrated consumers, regulators and advocates with some of the recent high-profile privacy missteps," Cullen said.
Managing accountability is made even more complex by the trend towards cloud computing, where privacy information -- indeed, any information -- may exist almost anywhere, with providers hosting the cloud on thousands of servers located in data centers worldwide.
As one such provider of cloud services, Microsoft has long been talking up its own focus on ensuring data security and privacy.
"This is a dimension of the cloud, and it's a dimension of the cloud that needs all of our best work in my opinion, Microsoft CEO Steve Ballmer told an audience at the University of Washington in early March. "We think, as a big company, we've got to lead on privacy."
Still, vendors, such as Microsoft, aren't alone in concentrating on the problems of accountability and privacy in an environment where cloud technology and social media are growing by leaps and bounds. Such concerns have also been partially behind a broad-based initiative in March to update the Electronic Communications Privacy Act (ECPA), which became law in 1986.
During his talk this week, Cullen acknowledged that even a gigantic company like Microsoft cannot push through privacy standards unilaterally -- instead, it needs the participation and cooperation of other companies and interested parties.
"These truly are issues that no one company, industry or sector can tackle in isolation. So it is important to start these dialogs in earnest and include a diverse range of stakeholders from every corner of the globe," he said.
The CFP conference is sponsored by the Association for Computing Machinery (ACM). One of the promised deliverables from the CFP conference will be a "Social Users Network Bill of Rights," according to the conference organizers.