The Federal Trade Commission (FTC) said on March 22 that it is gathering data on the U.S. cloud computing market and its service providers to get a better handle on the market power of providers, their impact on competition, and “potential security risks.”
In a wide-ranging Request for Information (RFI) the FTC said that its staff is looking for data about “the competitive dynamics of cloud computing, the extent to which certain segments of the economy are reliant on cloud service providers, and the security risks associated with the industry’s business practices.”
The RFI is also lasering in on cloud computing impacts across several major industries including healthcare, finance, transportation, e-commerce, and defense, the agency said.
According to published estimates, the global market for cloud services was approaching $500 billion in 2022, with the largest providers including Amazon, Microsoft, and Google.
The FTC is looking for public comments through May 22.
On the security front, FTC said the RFI aims to gather data on “the extent to which cloud providers identify and notify their customers of security risks related to security design, implementation, or configuration.”
The RFI is also looking for data on artificial intelligence (AI) tech, including “types of products or services cloud providers offer based on, dependent on, or related to artificial intelligence; and the extent to which those products or services are proprietary or provider agnostic.”
On competition issues, the agency wants to know more about:
- The extent to which particular segments of the economy are reliant on a small handful of cloud service providers;
- The ability of cloud customers to negotiate their contracts with cloud providers or are experiencing take-it-or-leave-it standard contracts;
- Incentives providers offer customers to obtain more of their cloud services from a single provider; and
- The extent to which cloud providers compete on their ability to provide secure storage for customer data.
“Large parts of the economy now rely on cloud computing services for a range of services,” commented FTC Chief Technology Officer Stephanie Nguyen.
“The RFI is aimed at better understanding the impact of this reliance, the broader competitive dynamics in cloud computing, and potential security risks in the use of cloud,” she said.
In announcing the RFI, the FTC noted that it has already brought legal actions related to cloud services, including against companies that have failed to properly protect the data they store on cloud services, and that the agency has issued guidance on steps that businesses can take to secure and protect data stored in the cloud.