Cloud Computing is becoming a well-known buzzword nowadays. Many companies, such as Amazon, Google, Microsoft and so on, accelerate their paces in developing Cloud Computing systems and enhancing their services to provide for a larger amount of users. However, security and privacy issues present a strong barrier for users to adapt into Cloud Computing systems. In this paper, we investigate several Cloud Computing system providers about their concerns on security and privacy issues. We find those concerns are not adequate and more should be added in terms of five aspects (i.e., availability, confidentiality, data integrity, control, audit) for security. Moreover, released acts on privacy are out of date to protect users' private information in the new environment (i.e., Cloud Computing system environment) since they are no longer applicable to the new relationship between users and providers, which contains three parties (i.e., Cloud service user, Cloud service provider/Cloud user, Cloud provider). Multi located data storage and services (i.e., applications) in the Cloud make privacy issues even worse. Hence, adapting released acts for new scenarios in the Cloud, it will result in more users to step into Cloud. We claim that the prosperity in Cloud Computing literature is to be coming after those security and privacy issues having be resolved.