On the topic of cloud computing, Neelie Kroes, Vice-President of the European Commission responsible for the Digital Agenda, put a stake in the ground recently at the World Economic Forum, saying that she wanted Europe not simply to be cloud-friendly but also to be cloud-active. I was pleased to see her emphasis on several legal, technical and commercial issues that are most relevant to a cloud-active strategy, such as privacy, security, and interoperability.
According to a recent survey by the World Economic Forum, 90 percent of suppliers and users of cloud services said privacy is a “very serious” impediment to broader adoption of cloud computing in Europe. At the same time, cloud computing’s economic benefits to society are clear, so we all have strong incentive to pursue this technology evolution while meeting privacy and security needs.
Microsoft started addressing security and privacy issues associated with cloud computing in 1994, when we delivered our first online services for consumers. Since then, our experience has shaped our corporate policies, our product and service development guidelines and our business practices. Microsoft has adopted a “Secure by Design” approach, investing in people, processes and tools to make security an integral part of our product development and support lifecycle.
Similarly, Privacy by Design describes not only how we build products, but how we operate our services and organize ourselves as an accountable technology leader. You can read more about this in the following blog post. For us, it includes all of the people, processes and technologies that are committed to maintaining and enhancing privacy protections. It is in place because we know that we must earn the trust of our customers and partners every day by being as transparent as possible about those policies and processes that guide us.
Vice-President Kroes also referred to other technical and commercial “fundamentals” of a cloud-active strategy. Interoperability is one of these. Microsoft has joined efforts with many industry partners to examine the precise needs of customers working with different cloud services, evaluating where standards exist and where they need to be created. The bottom line is: a customer needs to control his own data, and must be able to use and to move that data, no matter what vendor he wants to work with. In addition to collaborative work with standards bodies and industry partners, Microsoft’s work in the VENUS-C project, an FP7 research project providing a cloud platform to scientific institutions around Europe, places particular emphasis on interoperability as well as compatibility with open source software.
Industry has a critical role to play in helping respond to the European Commission’s goals for developing a secure and interoperable cloud strategy for the region. If industry does its job, policymakers can also feel confident in shaping data protection legislation and other policies that work to promote cloud computing, rather than hinder it.
I’m proud to work for a company that is totally committed to maintaining high standards of privacy, security and interoperability in the cloud and across our business. And to demonstrate our commitment, in March 2011 Microsoft is launching a new Cloud and Interoperability Center in Brussels. With this, we aim to show how innovation can help to address Europe’s requirements for a secure, private and interoperable cloud. Through this center and our other ongoing efforts, we look forward to partnering even more closely with industry leaders, governments and consumer organizations to develop globally consistent privacy frameworks to help maximize the economic and social benefits of cloud computing for everyone. And we look forward to welcoming Mrs. Kroes to that event so she can experience the Center and our commitment first-hand.