FTC seeks info on cloud computing market’s influence

The Federal Trade Commission is looking into the impacts of the $500 billion cloud computing market’s power in the U.S.

On Wednesday, the independent regulatory agency issued a request for information seeking insight on commercial cloud providers’ business practices, including the market power of companies that include Amazon, Microsoft and Google, as well as competition and potential security risks.

Cloud computing companies are increasingly providing the backbone for the world’s internet, hosting the data of nearly 70% of internet users, 60% of corporations and a growing cadre of government customers that includes the Central Intelligence Agency, National Security Agency and Pentagon.

The CIA, NSA, and Defense Department have each issued multibillion-dollar cloud contracts to commercial cloud providers in recent years, with Amazon Web Services—considered the market leader in cloud computing—scooping up the vast majority of that business.

“Large parts of the economy now rely on cloud computing services for a range of services,” Stephanie T. Nguyen, FTC’s Chief Technology Officer, said in a statement. “The RFI is aimed at better understanding the impact of this reliance, the broader competitive dynamics in cloud computing and potential security risks in the use of cloud.”

According to the RFI, the FTC is interest in the impact of cloud computing on the health care, finance, transportation, e-commerce and defense industries. The FTC’s Office of Technology, Bureau of Competition and Bureau of Consumer Protection are collaborating on the RFI. Topics of interest include:

• The extent to which particular segments of the economy are reliant on a small handful of cloud service providers.
   
• The ability of cloud customers to negotiate their contracts with cloud providers or are experiencing take-it-or-leave it standard contracts.
   
• Incentives providers offer customers to obtain more of their cloud services from a single provider.
   
• The extent to which cloud providers compete on their ability to provide secure storage for customer data.
   
• The types of products or services cloud providers offer based on, dependent on or related to artificial intelligence; and the extent to which those products or services are proprietary or provider agnostic.
   
• The extent to which cloud providers identify and notify their customers of security risks related to security design, implementation or configuration.

The public has until May 22 to submit comments. Submitted comments will be posted on Regulations.gov.