Microsoft lobbies to drown cloud stigma

 

Cloud laws continue to confuse.

Microsoft Australia has begun lobbying Australia's state and federal governments to direct conversation away from the stigma of off-shore cloud deployments.

The software giant hoped to allay the fears of regulators, privacy commissioners and auditors-general - along with potential customers - of moving data to Microsoft's data centres in Singapore, US and Ireland by reaching agreements on what was considered safe for a cloud deployment.

Despite mounting pressure from competitors with plans to open local facilities, Australian chief technology officer Greg Stone told media at the company's TechEd 2011 conference this week that the company would not build a local cloud facility.

It would instead continue to rely on third parties including Fujitsu and HP to deliver some variants of the public cloud offerings from Sydney data centres.

Those who signed up directly to Microsoft or through Telstra's resold T-Suite offering would be serviced specifically out of Singapore, with some local data cached in Sydney.

"We're not at the point now where the business can sustain us making a significant investment in Australia to put something like a public cloud of that nature in here," Stone said.

"It doesn't make any economic sense if we want to deliver it at the price point compared to what we do in Singapore."

Stone said Microsoft was exploring additional options to overcome "physical limitations" of serving out of Singapore but wouldn't say what they were.

Remember to sign up to our Cloud Cover bulletin for the industry’s definitive digest on everything-as-a-service.

Instead, the software giant hoped to convince users that a direct offering from Singapore or locally through a third party was a better option.

In a blog post to policy think tank Open Forum last week, Microsoft Australia's director of legal and corporate affairs Jeff Bullwinkel argued that fears around the restrictions placed by the US Patriot Act on cloud deployments in other jurisdictions were misplaced..

Bullwinkel said the Patriot Act provided no additional powers to the US Government to retrieve information held overseas "regardless of the physical location of the information – so long as the company retains custody or control over the data" and maintained a US presence.

The same was true of companies with a local presence, he said, citing a 1999 Australian Federal Court case in which Malta-based Bank of Valletta attempted to escape providing customer transaction data held in Malta to Australia's National Crime Authority.

The bank had claimed the request was a breach of Maltese bank secrecy laws, but failed in the case and subsequent appeal, requiring it to hand over the transaction evidence.

This, Bullwinkel argued, was reason to assume that no laws existed to prevent customers off-shoring their data.

"Commonly the understanding or the feeling is that the privacy laws in Australia from sending data off-shore but strictly speaking, that's just not the case in relation to any category of data that a private organisation is responsible for," he said..

However, Mark Vincent, partner at Shelston IP and one of the nation's foremost legal experts on cloud computing, told iTnews he had a different view to Bullwinkel on some arguments around the US Patriot Act.

While there is no law strictly prohibiting trans-border data flows for most types of data, Vincent said organisations needed to consider their obligations under Australia's National Privacy Principles – specifically those that concern consent for trans-border data flow and those around using and maintaining the security of data collected.

The Federal Government has proposed introduction of new principles - dubbed the Australian Privacy Principles - which would effectively make the owner of the data strictly liable for any action that infringed the rights of Australians, including access by a foreign government.

A Senate inquiry into the proposed amendments backed calls for the Department of Prime Minister and Cabinet to form a list of countries whose regimes complied with the principles.

Microsoft itself had also suggested mandating foreign cloud providers enter into agreements with the Office of the Privacy Commissioner that would see any privacy complaints handled under Australian circumstances, rather than those of the cloud provider's jurisdiction.

However, in submissions to the inquiry, local companies repeatedly expressed concerns an overseas cloud supplier could not be prevented from breaching the privacy principles.

Vincent said the principles should not be a concern for all organisations, but should weigh in to any due diligence around the use of public clouds.

“Organisations will look at this and say, it this an issue for my business?” he said. “For many, the answer is no.”

He said a subsidiary of a US company in Australia is still required to deliver up data to a US parent and US law enforcement on request.

“So the real question is putting it with a foreign-owned company in the first place - the issue is the geographic reach of US laws,” he said.

“Bullwinkel is correct in asserting that US subsidiaries in Australia have always complied with US subpoenas, and have always delivered data held overseas. So what is different about the cloud?

"One issue is that access to data is even easier than before when it is stored in an off-shore cloud. It’s a lot easier for law enforcement to access data there compared to the due process required before the Federal Police in Australia come knocking on your door for access to physical records. In fact, in the US there are laws to prevent you from being told your data has been accessed.”

James Hutchinson travelled to TechEd 2011 on the Gold Coast as a guest of Microsoft.

Copyright © iTnews.com.au . All rights reserved.


Microsoft lobbies to drown cloud stigma
Microsoft Australia chief technology officer Greg Stone and director of legal and corporate affairs, Jeff Bullwinkel.
 
 
 
Top Stories
Change is the only constant at iiNet
iiNet's Matthew Toohey is trialling IBM's Watson - between preparing for an acquisition and making sure Netflix doesn't swamp the network.
 
Why straight-through processing is the holy grail for banks
Big benefits from stripping away human intervention and digitising processes.
 
CBA sued over frozen millions in IT bribery scandal
Eric Pulier's not-for profit lodges lawsuit in US.
 
 
Microsoft Australia chief technology officer Greg Stone and director of legal and corporate affairs, Jeff Bullwinkel.
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest articles on BIT Latest Articles from BIT
New features are coming to Outlook.com
May 27, 2015
Outlook.com, thanks to its predecessor Hotmail.com, is one of the world's major webmail services ...
Windows 10 to feature integrated apps for Android and iOS
May 27, 2015
Microsoft reveals multi-platform Cortana connectivity for Windows 10. What the heck is that, and ...
Microsoft launches Office for Android preview
May 22, 2015
Microsoft has launched a preview of Office for Android smartphones. Pre-release versions of ...
Microsoft is working on an iOS email chat feature called Flow
May 22, 2015
Microsoft is working on a new chat app, but at the moment we know more about what we DON'T know, ...
Windows 10 free upgrade: Microsoft details who gets what
May 22, 2015
Microsoft was meant to be streamlining its OS with Windows 10, so why is upgrading so confusing? ...
Latest Comments
Polls
Should Optus make a bid for iiNet?

   |   View results
Yes
  44%
 
No
  56%
TOTAL VOTES: 656

Vote