When it comes to cloud computing, I’ve often spoken in favor of it, and all the benefits it provides. That said, security has always been an issue, and that is even truer now that the PRISM and Tempora surveillance programs have come to light.

At the House of Commons debate in the U.K., privacy advocate Caspar Bowden explained how surveillance programs such as PRISM pose a threat to security and privacy of business cloud services. FISA (Foreign Intelligence Surveillance Act) allows U.S. authorities to take plain text data from the data center, so it’s vital to keep cloud data close, safe and under its owner’s jurisdiction only.

Furthermore, it was mentioned that the U.K.’s own Regulatory of Investigatory Powers Act (RIPA) is also in need of rewriting, so that it can better protect consumers and businesses. Many privacy laws were written before the creation of the cloud, or even the Internet, so they do not take them into account. That needs to be amended, so as to provide clear laws and protection for data stored in the cloud and online.

“Why I bang on about cloud computing is because every organization is now under [pressure] to think about migrating their data to the cloud, and overwhelmingly the cloud computing industry is an American industry,” Bowden explained. “The reason is cost, because you can do almost any type of processing in the cloud, and the cost is probably at least 50 percent less than what you paid before, so it seems to be not just a no-brainer but something that you get driven by your organization to do. I think what we've learnt in the last three weeks should persuade us to totally re-evaluate that situation.”

That’s not to say that anyone should abandon the cloud computing ship. It still provides many benefits, both in cost and convenience. But caution should be taken for the time being, until laws and regulations are made clear regarding the privacy of data in the cloud.

While the philosophy of “If you don’t have anything to hide, then you shouldn’t be worried” may or may not apply, whether or not one should have to hide anything is not the point. People trust their clouds to be secure, and breaking that trust sets us all back. There is no technical defense against it yet, but there should be, so that we can all use the technology at our disposal without having to worry about prying eyes. Until then, you have to know which companies you can count on, and keep control of your data.