Data Sovereignty and the Cloud: A Board and Executive Officer's Guide

90 Pages Posted: 19 Dec 2013

See all articles by David Vaile

David Vaile

University of New South Wales (UNSW) - UNSW Law & Justice; Cyberspace Law and Policy Centre

Kevin P. Kalinich

AON PLC

Patrick Fair

Baker & McKenzie - Sydney Office

Adrian Lawrence

Baker & McKenzie - Sydney Office

Date Written: December 16, 2013

Abstract

With NextDC support, this was the first comprehensive comparison and analysis of the legal, technical and risk governance issues arising from the increasing use of 'Cloud' based data hosting, using criteria relevant to governance level decision making and risk management.

This research and policy report examines the technology of the cloud, insurance risk issues around "data sovereignty", approaches to assess and minimise this risk, comparisons of legal means of accessing data held by Australian companies under local and US jurisdiction (where many cloud services originated), and options for including these issues in existing organisational data risk analysis and management processes. European perspectives are also considered. Researchers investigated the comparative impact of laws and administrative and law enforcement practices in Australia, the US and other possible cloud venues, including rules under the Patriot Act and the Foreign Intelligence Surveillance Act in the US and the Telecommunications Act and related legislation in Australia. The focus is not on a definitive conclusion but on enabling those involved to conduct a careful examination of their data, the requirements of those affected by the data, and the impact of various potentially unwanted intrusions into expectations of security, confidentiality and privacy. The relevance of onshore versus offshore hosting is considered, and the effect of foreign control of entities hosting locally.

Suggested Citation

Vaile, David and Kalinich, Kevin P. and Fair, Patrick and Lawrence, Adrian, Data Sovereignty and the Cloud: A Board and Executive Officer's Guide (December 16, 2013). UNSW Law Research Paper No. 2013-84, Available at SSRN: https://ssrn.com/abstract=2369660

David Vaile (Contact Author)

University of New South Wales (UNSW) - UNSW Law & Justice ( email )

Kensington, New South Wales 2052
Australia

Cyberspace Law and Policy Centre

Sydney, NSW 2052
Australia

HOME PAGE: http://www.cyberlawcentre.org

Kevin P. Kalinich

AON PLC ( email )

London
United Kingdom

Patrick Fair

Baker & McKenzie - Sydney Office ( email )

Sydney
Australia

Adrian Lawrence

Baker & McKenzie - Sydney Office ( email )

Sydney
Australia

Do you have negative results from your research you’d like to share?

Paper statistics

Downloads
386
Abstract Views
2,528
Rank
140,748
PlumX Metrics