Australia's Cloud policy ruffles the United States' feathers
- 27 April, 2012 11:00
Australian government agencies are developing a Cloud framework for government agencies to follow, but a stance against storing classified data in off-shore locations has garnered ire from the US.
Australian Government Information Management Office guidelines released in February this year state agencies must adhere to IPP 4 – storage and security of personal information regulations, which requires agencies to ensure adequate security protections are in place against the misuse or loss of personal information.
“When the provider is located off-shore, satisfying IPP 4 may be more difficult. By using a cloud service, an agency is relinquishing some degree of control over its data,” the guide says.
It also highlights that off-shore data may be stored in jurisdictions where privacy laws differ from those in Australia, and some countries have provisions which allow its government to access Australian information.
“For instance, the USA Patriot Act 2001 contains provisions allowing the US Government to access information in specified circumstances, (i.e. cases involving suspected terrorism or threats to national security) irrespective of the geographical location and, without necessarily advising the agency,” it states.
However, the US government has labelled the policy as a trade barrier for companies with data centres in the US and in its 2012 National Trade Estimate Report on Foreign Trade Barriers says Australia is misinterpreting the US Patriot Act
The report states some Australian government departments have been sending out “negative messages about cloud computing services to potential Australian customers in both the public and private sectors, implying that hosting data overseas, including in the United States, by definition entails greater risk and unduly exposes consumers to their data being scrutinized by foreign governments.”
However, Rodney Gedda, senior analyst at Telsyte, says Australia is within its right to do this.
“All sovereign governments have the right to place restrictions on how and where public information is managed and stored, ,he says. "Concerns surrounding foreign government access to private information, for whatever purpose, should not be immediately interpreted as economic protectionism as these two concepts can arise for very separate reasons."
Glenn Archer, first assistant secretary policy and planning at AGIMO, says the government has “been quite explicit about where we think it’s safe to play”.
“I guess the [model] that gets the greatest attention is the issue of storing sensitive or personal information in the public Cloud, and at this time our position is we don’t think that’s advisable … [the] technology and the offerings from providers has not advanced sufficiently for that to be a wise thing to do,” Archer says.
On the other hand, where information is not sensitive and already in the public domain, Archer says public Cloud can be appropriate, with AGIMO currently using it for around 700 to 800 datasets on the data.gov.au website.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.
- Integrated Computing Platforms: Infrastructure Builds for Tomorrow’s Data Centre
- Cloud Computing in the Midmarket : Assessing the Options
- FAQs: How to break the old trade-off between effectiveness against malware and speed
- Cloud 101
- ESG: Information Security, Virtualisation, and the Journey to the Cloud
Larry Page wants to see your medical records
Dual-Persona Smartphones Not a BYOD Panacea
After two-year hiatus, EFF accepts bitcoin donations again
CIOs struggle to deliver timely mobile business apps: survey
Spiceworks' free management software gets integrated MDM
Best Practice in BYOD
The key trend affecting enterprise mobility today can be summarized in four letters: BYOD – Bring Your Own Device. As the number of end-users bringing devices into your organization grows, so does the need for an effective Enterprise Mobility Management (EMM) solution. Learn how to manage devices across multiple platforms all from a single, centralised and unified management console. Download for more!
Batten Down the Hatches! A Guide to Protecting Data in Motion
The risks facing high-speed data networks and unencrypted data while in motion are very real and on the rise. As information becomes one of the most valuable ‘off balance sheet’ assets, protection of that information and the investment in it is a paramount obligation of office-holders and management. Read now for a better understanding of the risks to data in motion.
Leading Through Connections – Insights from the Global Chief Executive Officer Study
IBM’s 2012 Global CEO study follows face-to-face discussions with more than 1,700 CEOs and senior public sector leaders from around the globe. The findings examine how CEOs are responding to the complexity of increasingly interconnected organisations, markets, societies and governments. For example, almost one-quarter of CEOs say their organisations operate below par in terms of driving value from data. CEOs have expressed frustration about their inability to capitalise on available information. This is because: “The time available to capture, interpret and act on information is getting shorter and shorter.” CEO, Chemicals and Petroleum, United States Given the need for deeper business insight, the best performing organisations are more adept at converting complex data into insights, and insights into action. Download Entire Report Now.