Hmmm… What am I missing? I cannot lay my finger on a single line in the Communications Act of 1934, the Telecommunications Act of 1996, or any statute in between that gives the Federal Communications Commission (FCC) the authority to regulate cloud computing. And yet, like any good stickler for jurisdictional authority, my PFF colleague Barbara Esbin keeps bringing to my attention little FCC chirps here and there which suggest that the agency is slowly positioning itself to become the Federal Cloud Commission. For example, back in September, Barbara brought to my attention this passage in the Commission’s recent Wireless Innovation and Investment Notice of Inquiry, (paragraph 60, pg. 21):
As other approaches, such as cloud computing, evolve, will established standards or de facto standards become more important to the applications development process? For example, can a dominant cloud computing position raise the same competitive issues that are now being discussed in the context of network neutrality? Will it be necessary to modify the existing balance between regulatory and market forces to promote further innovation in the development and deployment of new applications and services?
In my earlier essay about this, I noted that these questions should serve as a wake-up call for Google and other cloud-based providers who think that “neutrality” mandates will end at the infrastructure layer of the Net. As Berin Szoka and I argued in our paper on “high-tech mutually assured destruction,” regulatory regimes grow but almost never contract. And I’m even less optimistic about the FCC limiting its regulatory aspirations after the latest thing Barbara Esbin brought to my attention.
Today, as part of the Commission’s ongoing effort to develop a National Broadband Plan, the FCC released a request for information “on data portability and its relationship to broadband.” (NBP Public Notice #21) “The Commission seeks tailored comment on broadband and portability of data and their relation to cloud computing, transparency, identity, and privacy,” the notice says. Here was the second item on the list of things the Commission said it was investigating:
Cloud computing. When considering the portability of data, we also consider the processes through which data are moved. In this context, we seek comment on how to identify and understand cloud computing as a model for technology provisioning.
- The National Institute of Standards and Technology defines cloud computing as “a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.” Does this definition accurately capture the concept of cloud computing?
- What types of cloud computing exist (e.g., public, hybrid, and internal) and what are the legal and regulatory implications of their use?
- Can present broadband network configurations handle a large-scale shift in bandwidth usage that a rapid adoption of cloud computing might cause?
- How does cloud computing affect the reliability, scalability, security, and sustainability of information and data?
- To what extent can the federal government leverage cloud solutions to improve intra-agency processes, intergovernmental coordination, and civic participation?
- What impact do developments in cloud computing have with respect to broadband deployment, adoption, and use?
- How can various parties leverage cloud computing to obtain economic or social efficiencies? Is it possible to quantify the efficiencies gained?
- To what extent are consumers protected by industry self-regulation (e.g., the Cloud Computing Manifesto), and to what extent might additional protections be needed?
- What specific privacy concerns are there with user data and cloud computing?
- What precautions should government agencies take to prevent disclosure of personal information when providing data?
- Is the use of cloud computing a net positive to the environment? Are there specific studies that quantify the environmental impact of cloud computing?
I suppose some might claim there’s nothing wrong with the FCC looking into these issues, and that the agency’s interest in cloud computing is entirely benign. But when it read all these questions about cloud computing in recent FCC notices, I can’t help but thinking about the potential for regulatory creep. Eventually, when a regulatory agency asks enough questions — especially the sort of questions bolded above — it leads to more agency oversight. And more agency oversight typically leads to some sort of agency regulation.
Or perhaps I’m just being paranoid.
Regardless, at a minimum, would someone at least tell me where the FCC gets the authority to even ask these questions? Or do we live in such a Bold New World of progressive government that little encumbrances like statutory authority can be thrown to the wind? Years from now, some might look back and ask the question that Nobel Prize-winning economist Ronald Coase asked 50 years ago about the FCC and spectrum regulation: “How did the commission come to acquire this power?” But I’d like to know the answer to that question right now regarding the FCC’s growing interest in cloud computing.