SafeGov.org and Ponemon Institute study shows UK schools moving rapidly to adopt Cloud Computing, but overwhelmingly reject business models that allow cloud providers to mine student data for profit.

Cloud computing allows dramatic flexibility in information processing—and on a global basis. Its technology permits data transmissions that span the globe. Computing activities now shift from country-to-country depending on load capacity, time of day, and a variety of other factors. These decisions are sometimes made in real time and by machines rather than humans.

On May 10th, the 2nd Annual Higher Ed Privacy & Information Management Forum was held at George Washington University Law School, co-hosted by the Cornell University and sponsored by SafeGov.

Imagine a world in which every major company in America flew hundreds of thousands of drones overhead, 24 hours a day, seven days a week, 365 days a year, collecting data on what Americans were doing down below. It's a chilling thought that would engender howls of outrage.

I had the pleasure of having the opportunity to interview Kathleen Styles about cloud computing in education. Styles is the first chief privacy officer of the U.S. Department of Education (ED). Previously, she served as the chief of the Office of Analysis and Executive Support at the U.S. Census Bureau. Without further ado, here’s the interview.

Are Google's March 2012 privacy policy changes legal? This is a question that the European data protection authorities have been working on since Google first announced its intention to change its privacy policies in January 2012. Soon after the announcement, France asked European data protection authorities to open an inquiry into the matter. In addition, U.S. Representative Edward Markey announced his intention to ask the FTC whether Google's privacy policy changes were also legal in the United States.

European Union regulators have taken their first step to making good on their recent threat to take “repressive action” against Google by summer.

To improve data protection in the public sector, government agencies must pursue more proactive action in coordination with internet and cloud services providers.

On April 2 the French privacy authorities (known by their acronym CNIL) announced that France, and the privacy authorities in five other European countries (Germany, Italy, the Netherlands, Spain, and the United-Kingdom ), had agreed to simultaneously begin enforcement actions against Google under their respective domestic privacy laws. The enforcement actions follow a months-long investigation of Google’s privacy policy to determine whether the policy met the requirements of the European Data Protection Directive. It also follows a 4-month delay in enforcement during which the European authorities had hoped Google would modify its practices. This decision is quite significant.

Following last month’s final meeting between Google and European regulators at which “no change” in Google’s attitude was seen by European Union (“EU") regulators, at least five European countries began their own investigations into Google’s global privacy policy, promising coordinated enforcement action by summer.