Heaviest Federal Regulatory Fallout on Cloud Said to Come Out of Left Field
The federal agency having the biggest regulatory impact on cloud computing and data centers is an unlikely sounding source, said a consultant who bills himself as the only government-relations specialist for the industry: The Commodity Futures Trading Commission. “The CFTC regulates corn, not technology,” said the consultant, CEO Peter Kavounas of Cloud Strategix. He told us that what he called the cluelessness reflected in rules the commission has imposed and proposed shows why providers including telcos need to keep aware and start approaching regulators to explain how their businesses work and what they need. The Chicago Mercantile Exchange has pushed back against several of the CFTC proposals.
Sign up for a free preview to unlock the rest of this article
If your job depends on informed compliance, you need International Trade Today. Delivered every business day and available any time online, only International Trade Today helps you stay current on the increasingly complex international trade regulatory environment.
"The commission has not yet demonstrated ... a clear vision of a regulatory regime it may seek to impose on an industry that is not clearly within the CFTC’s authorizing statute,” said Equinix, a server-farm company, in filed comments criticizing proposed rules for collocation and proximity hosting (http://xrl.us/bniqkz). Kavounas “has a good deal of insight” and “more than a passing familiarity with data-center collocation and proximity hosting,” said an Equinix lobbyist, David Ransom of the McDermott Will law firm.
If cloud executives are thinking about regulation at all, it’s generally regarding network security and privacy, “because obviously a ton of money is spent on them,” said Kavounas, who was counsel to the federal Financial Crisis Inquiry Commission and has done legal work for CFTC member Bart Chilton. The CFTC’s activity is “a big deal” because “there are multiple regulations on the technology itself,” Kavounas said. They stem from the commission’s charge, largely from the Dodd-Frank financial overhaul law, to create “markets that are transparent” and where participants operate on “an equal playing field,” he said.
But “the CFTC is not a technology-savvy agency,” and like other agencies it’s strapped for staff with expertise and for money to buy it, Kavounas said. The commission’s stance naively assumes that putting “a server in the cloud” will make it able “to monitor everything,” he said. The attitude is, “We'll write some program and it will regulate everything,” Kavounas said. The CFTC declined to comment. TIA, CompTIA and the Storage Networking Industry Association didn’t respond to inquiries. Neither did Verizon, CenturyLink’s Savvis, Amazon.com or Google. Microsoft declined to comment.
A CFTC proposal would require covered “cloud computing and hosting companies to charge ONE price to every customer, regardless of current contracts or negotiations,” Kavounas wrote in a conference-presentation summary. “Part of this same regulation requires that the service providers, including data centers, must make room for (even if that means building a brand new data center if the old one is at capacity) and provide services to any ‘willing and able’ potential customer, regardless of credit worthiness or liquidity. As long as just one financial service or market participant is in the same data center (including oil, gas, or energy companies), this regulation will apply to that facility and every service provider in it.” This regulation has been through the comment cycle and awaits final action at a CFTC meeting as soon as Chairman Gary Gensler puts it on the agenda, Kavounas told us.
The CFTC is “forming the new swaps and over-the-counter derivatives market, which is a $600 trillion market,” Kavounas wrote. “One finalized regulation requires that any market participant must provide the CFTC with its vendor’s or its own data analytics plan before participating in the market. So, if any of your clients are banks, financial advisers, hedge funds, market traders, exchanges, oil, gas, or energy companies or are at all trading on a commodity or equity market, then both you and your client are equally responsible for providing the CFTC and other agencies with your data analytics, algorithm, or business intelligence products. Your client will be stopped from trading unless this demonstration happens first. ... If you have not provided information to the CFTC, then the data product you created is now useless because your client is legally prohibited from using it for its intended purpose."
A rule that took effect at the end of 2011 requires all data in a regulated swaps market that will start Jan. 1 to be searchable and reportable, Kavounas said. “The market it applies to hasn’t been created, and the companies it applies to don’t understand it,” he said.
The FCC is “probably in the best position” of any federal agency to oversee data centers but has backed off because the operators don’t control telecom lines, Kavounas said. But “they'll probably focus more on data centers in the next few years,” he said.