What happens to people's data in a cloud?
Bill Thompson looks at how companies are taking care of people's data.
A number of large technology companies, including Google, Microsoft, and Yahoo!, have announced that they have signed up to a voluntary code of conduct on how they do business in countries that curtail freedom of expression, such as China and Singapore.
The code has been drawn up by the Washington-based digital rights group The Center for Democracy & Technology, and a non-profit organisation in San Francisco, Business for Social Responsibility. It addresses the terms of business companies should adhere to, and also calls on them to ensure that suppliers and business partners also sign up.
It's not surprising to see this sort of self-regulation being proposed as otherwise political initiatives, such as the Global Online Freedom Act (passed by a US Senate committee, but currently floating in legislative limbo), could actually become law.
Companies don't like legislation that restricts their freedom of action, and signing up for some sort of code might satisfy the political establishment, especially as they are only just recovering from nationalising most of the financial system.
I found out about proposals for the code from an article in the San Francisco Chronicle, which had obtained an early draft through some good old investigative journalism. My friend Laura posted a link to it on her Twitter feed, and I spotted it as I was sitting on a train to Brighton.
The way news spreads around the network using social networks, messaging services, and of course email, is a fascinating example of the network effect in operation.
Networks become more useful the more people there are on them, and people are more likely to share news snippets and links when there are enough people listening to what they say to make it worthwhile.
And this free flow of information is, of course, one reason why the code has come about in the first place.
When Google agreed to censor search results on google.cn the news broke online, and details of how Yahoo! co-operated with the Chinese authorities to track down political bloggers became a big web story.
Ahead of its official publication, the Chronicle showed the version it had obtained to other online activists, who criticised it for its weakness.
Morton Sklar, who worked with the families of the jailed Chinese dissidents in a lawsuit against Yahoo!, told them: 'It's an expression of general support for freedom of expression on the internet, but doesn't go beyond that to provide the specifics'.
However, even an inadequate code of conduct is something, because once it is in place, it can be improved. And even if the provisions are weak, they offer something for those advocating constructive engagement with repressive regimes a starting point in their discussions.
This is important because the world of computing is changing in ways that could make it even more imperative to be open about how companies engage with governments.
At its professional developers' conference this week, Microsoft announced details of its offering in the growing cloud computing arena, the Azure Services Platform.
Cloud computing is the marketing-friendly term for the increasingly common practice of storing an organisation's information in data centres owned, and run, by other companies using their computing resources to run programmes, instead of relying on local desktops or servers.
Google, Amazon, IBM and others are already in this area. Amazon will let you store data on S3, its Simple Storage Service or run 'virtual computers' on EC2, the Elastic Compute Cloud, while Google offers Apps for Enterprises.
Now Microsoft is trying to extend the Windows operating system away from the computers located onsite, in what it has started calling the 'local, on-premises Windows world', and onto massive Microsoft-managed data centres.
It is, in many ways, a typical "embrace and extend" strategy. We saw it when Internet Explorer was launched as a web browser that worked well on non-Microsoft websites, but offered special features for those running Microsoft's own web server; features that ended up tying customers into Windows long after web standards had moved on.
It is also a clear sign that cloud computing is the way forward: a generational shift as significant as that from the mainframe to the desktop computer is happening as we watch.
But what does this do for the companies that sell cloud-based services rather than operating systems, routers or hardware? What happens when Microsoft, Yahoo!, Google and IBM are actually running programs and storing data on behalf of their customers? We may criticise Google for censoring search results in China, but what happens when Microsoft data centres are being used to store data on political prisoners or transcripts of torture sessions?
There is already a lively debate about the dangers of having the US government trawl through a company's confidential records using the provisions of the USA PATRIOT Act, taking advantage of the fact that the main cloud platforms are run by US companies.
But the other side of the equation matters too. Should Amazon feel happy that its elastic compute cloud could easily stretch to support human rights abuses that would still be considered unacceptable in most of the world? And if so, what should we do about it?
Bill Thompson is an independent journalist and regular commentator on the BBC World Service programme Digital Planet.