The Electronic Privacy Information Center has filed a lawsuit against the U.S. Federal Trade Commission, asking a court to force the agency to take action against Google over planned changes in the company's collection of personal data.

Amid widespread concern about its new privacy policies, Google is now facing criticism over an offer to give users Amazon gift certificates if they open their Web movements to the company in a program called Screenwise.

The U.S. Federal Trade Commission has sent warning letters to the makers of six mobile apps used for background checks, saying the apps may violate a consumer credit protection law.

Microsoft today wrapped up a three-day campaign against rival Google by claiming its newest browser, Internet Explorer 9 (IE9), is superior in stopping users from being tracked by online advertisers.

Digital rights groups in Europe have called for a ban on blanket data retention after a leaked internal memo from the European Commission admitted that there are significant problems with the current E.U. Data Retention Directive.

A security researcher today provided a way for users to see whether their e-mail addresses and passwords were among the 1.3 million compromised in a hack of Gawker Media's sites.

One of the remaining key issues Cloud users need to consider relates to the notion of being locked-in to certain applications or systems — and if a user wants to transfer data or applications from the Cloud, whether the data is portable between service providers. In these circumstances, a user will need to consider its requirements to access data some years into the future for a plethora of regulatory reasons.

Proper due diligence focuses on identifying the players in the Cloud relationship. That is, who is actually involved in providing the services and are they the same entity (or entities) that are processing or storing data? In the case of aggregators, for example, a Cloud user could be dealing with a single entity which itself is provided services by various third parties.

Unlike a fixed server in your office or at a data centre in Australia, data in the Cloud can potentially be located anywhere in the world — even in multiple data centres in multiple copies worldwide. A Cloud service provider may not even know where the data resides at any one time. The Cloud may not be tied to any particular location but this is clearly not the case with the laws of each country. Any ‘global’ technology solution will be impacted by the laws of a large number of nation states. As a result, sending and processing data around the globe could, in the process, fail to comply with data protection and privacy laws in various countries.

The Cloud can be cheaper, more flexible, easier to manage and efficient. But users and providers of Cloud services have to weigh these advantages against the risks or perceived risks — such as regulatory compliance, security, performance, availability of service, and liabilities and remedies under the governing contracts.

Though most U.S. companies still list customer and other corporate information as their most valuable assets, many keep pushing this data farther from safe lockdown in the data center--and are about to give it another strong shove in that direction.