When it comes to the laws and regulations related to cloud computing, they are mostly concerned with the data privacy of cloud users. The reason why cloud computing and data privacy are so intrinsically connected is that one of the most significant features of the cloud is that it allows people to store data on hardware located in remote physical locations, with a large portion of this data containing information the user would not want others to know about or have access to. After all, it is not unreasonable for cloud users to want their personal information to remain private, especially sensitive information that if compromised could open a user up identity theft and other types of fraud. Unfortunately, a number of laws and regulations concerning data privacy in the U.S., with most of them ensuring the privacy of a cloud user in a variety of circumstances, can leave much to be desired as a result data privacy not being explicitly recognized as fundamental right by the Constitution (Graf, Marlon, Jakub, & L., B., 2016, p.11). Because of this, some privacy laws, such as the ones meant to oppose data collection by private entities, are considered weak. Furthermore, laws that are meant to protect people against data collection by government entities can be very ambiguous when it comes to cloud computing. The main issue is whether a persons right to a reasonable expectation of privacy extends to cloud stored-data since by using the cloud, they are sharing their data with third parties. Sooner or later the laws regarding data privacy will need to undergo changes, a need that will increase the more prominent cloud computing becomes in the years to come.
There have already been a few laws that have made people upset due to the belief their privacy has been invaded. For the most part, these controversial laws have been clear cut in nature, they either did or did not invade the privacy of people. In some situations though, such as with the Patriot Act, the line between right and wrong is extremely blurred. The Patriot Act, a law created in response to the terrorist attacks on September 11, 2001, allows the U.S. government to collect information on individuals, regardless of whether they are U.S. citizens or foreigners, without their consent and with limited oversight over search warrants (Graf, Marlon, Jakub, & L., B., 2016, p.11). While this made quite a few people uncomfortable, most decided to just accept it due to how regulated it was. This changed in 2013, when Edward Snowden released information on how extensive the data collection efforts of the U.S. National Security Agency were. Countless individuals became deeply concerned with the fact their personal information could be easily accessed by an organization as powerful as the government. Even though these concerns are justifiable, there is the fact that the Patriot Act was not created with malicious intent. It was enacted to provide a means of averting a tragedy like the one that took place on September 11, 2001 from happening again. Its creators and supporters understood that the potential invasion of privacy was a sacrifice worth making to avoid another tragedy of such magnitude. In situations like these, there is no right answer because all of the available options seem to have their own inherent risks and dangers.