1 Comment

Summary:

Data security is a uniquely complex problem and lawmakers have struggled to enact new legislation. Cloud companies have to take their own steps to ensure their customers’ data is safe.

Brad Smith Microsoft Structure 2014

Most of the laws governing data privacy and security in the U.S. are nearly 30 years old, Microsoft general counsel Brad Smith said at the Gigaom Structure conference Thursday in San Francisco — but with gridlock in Congress, that may not get better any time soon. Private companies have to step up and make sure that customers’ data is secure, Smith said.

“We’re living in a time when Congress doesn’t get much done,” he said, but acknowledged that data privacy issues are also uniquely complex, making it more difficult for lawmakers to act on them. “It’s technically complex, it’s legally complex” and it involves two equally important values — privacy and public safety.

Smith said he actually believes that lawmakers understand technology much better than they used to: “The technical understanding of people in government…has gone way up,” even if they don’t know as much as “the people in this room.” But absent government action, companies need to act on their own and strengthen encryption. Microsoft will have encryption for data at rest and data in transit by the end of 2014, and is opening “transparency centers” so that some clients “can look at the code and satisfy themselves that there are no back doors.”

Photo by Jakub Mosur

Structure 2014 ticker

  1. NSA claim the cannot act because they are too large. That was their argument.

    Reply Share