Even as certain parts of the US government move toward adopting cloud computing solutions, other parts are limbering up their regulatory trigger fingers, according to this report from legislative watchdog The Hill. The Federal Trade Commission plans to examine the privacy and data security implications of cloud computing services, although it does not identify which services particularly it plans to look at. Given the long-standing debate over what does or does not constitute "cloud computing" I suspect that's not simply an idle observation, but perhaps the most salient unanswered question raised in the otherwise innocuous FCC filing that describes the upcoming effort.

The FTC's Consumer Protection Bureau appears to bear primary responsibility in the investigation, which might provide some clue as to its direction. The CPB currently shares oversight with the FCC in broadband access matters, and has been one of the key players in the network neutrality debate. Considering the major alignments in that confrontation and the participation of several significant cloud providers (Google, Amazon) on one side of it, it seems likely that they're going to be the ones getting the first calls as the examination kicks off. Whether or not this is a veiled maneuver engineered by certain of their opponents to open another front in the neutrality confrontation verges a bit too far into conspiracy theory territory for me, but I'll admit it came to mind when I read this.

It's difficult to see exactly what the benefit might be, however. As I have stated often before, the privacy and security that come with cloud-based solutions is frequently and indeed, almost inevitably, better than what individuals or businesses are able to achieve with their own resources. An unbiased investigation isn't likely to turn up much in that respect, except inasmuch as individuals may not always realize to what extent services are coordinated within a large provider such as Google. There have not, however, been any significant violations of personal privacy as a result, to my knowledge. The motives really aren't there; Google wants your data, sure, but it's primarily to throw ads at you, not to sell your name to telemarketers. In fact, that would provide unwanted competition.

Apart from all that, it seems a bit premature to be looking at these services. They are hardly out of beta in most cases, and the usage patterns are far from being established. Everyone is still playing around and experimenting with the possibilities, and providers are still adjusting their offerings. Perhaps the FTC will come away with that realization and let the field adjust a bit before jumping in. It seems to me, however, that in most cases neither government nor businesses are much good at leaving well-enough alone once they start looking at anything they might potentially influence or control.