UK Regulator to Investigate Cloud Storage Complaints

The UK’s competition regulator has opened a review into price rises and security issues in the cloud storage industry in a move that could have a big knock-on effect on businesses using consumer-grade services.

The Competition and Markets Authority (CMA) announced on Tuesday that it would be following up on concerns about price and service changes in the consumer cloud storage space.

It claimed some consumers have been surprised by “significant” price increases and reductions to supposedly unlimited storage capacity after deals have been agreed. Others complained about loss or deletion of data, it said.

The review process will set out to evaluate how widespread such alleged practices are and whether they breach consumer law.

The review is open until 15 January, and the CMA is inviting responses from all stakeholders, according to senior director, Nisha Arora.

“We want to hear from business, interested organizations and consumers about their experiences, to assess whether companies understand and comply with consumer law and whether cloud storage services are working well for consumers as a result,” she said in a statement.

“If our review finds breaches of consumer protection laws, we will take further action to address these, which could include enforcement action using our consumer law powers, seeking voluntary change from the sector or providing guidance to business or consumers.”

Michael Hack, SVP of EMEA Operations at Ipswitch, argued that any future ruling could impact the increasing number of businesses that use consumer storage services.

For example, Ipswitch research recently found that a third of UK IT professionals allow Dropbox for corporate use.

“If these services are found to be letting down consumers, what would that mean for the businesses allowing their data to be shared unsystematically?” he asked. 

“It will be interesting to see whether the CMA, or any other body, looks into how these findings may impact corporate data protection requirements.”

Sundaram Lakshmanan, VP of technology at CipherCloud, added that cloud storage firms “often take the path of least resistance” with existing customers.

“Often, cloud providers archive data for a duration to make it easier to restore service if the user returns. Besides, many providers do not have a clear practice around data ‘shredding’,” he added by email.

“The process could use more transparency, such as letting customers know exactly what happens to data at end of life. For example, is there is an archiving period, does the provider shred the data and hard wipe it from memory, etc.”

hot © agasandrew

What’s Hot on Infosecurity Magazine?