NZ wants one cloud code to rule them all

The body creating New Zealand's cloud computing code of practice has amended its second version to appeal to a global audience and make it easier for the likes of Australia to adopt.

The code, developed by New Zealand’s Institute of IT Professionals (IITP), has been put forward as a model for an Australian cloud protocol, which is currently under development by the the Australian Computer Society (ACS) in consultation with industry and prospective users of cloud services.

Paul Matthews from New Zealand’s Institute of IT Professionals (IITP) said the IT industry would be best served by a standard global cloud code of practice.

The IITP yesterday issued version 2.0 of New Zealand’s CloudCode (pdf), which Matthews said had been specifically designed for global appeal, positioning it to become the model that other countries progressively adopt.

“The first version was very much a New Zealand cloud computing code,” he told iTnews.

“However after we released it we fielded a huge number of queries from different countries, such as Australia, Singapore and Canada, interested in the adoption of a similar code.

“So in version two we took out everything that was specific to New Zealand and amended the language so that the code could be adopted overseas while still keeping 95 percent of the content,” he said.

The international nature of cloud computing meant it made sense to have a global code of practice to match, Matthews said, so vendors didn’t need to duplicate the process of becoming a signatory for every new jurisdiction they moved into.

“We don’t think that having a separate code in each country is good for anyone. It is far better for New Zealand cloud providers, as it is better for Australian cloud providers and providers from other countries, if there is one set of disclosures that can be used in multiple countries.”

The list of providers registered under the New Zealand code, and the branded seal used by signatories will be announced on 13 August this year.

The ACS' cloud protocol discussion paper specifically drew attention to the complaints and resolutions procedure offered up by the neighbouring country.

“Using the New Zealand Code as an example, are there changes or improvements that could be made which would improve the efficacy of that process in an Australian context? Are there other issues not addressed in the New Zealand Code that need to be considered?" it said.

Points of vendor disclosure suggested by the discussion paper also roughly align to those set out in the New Zealand code; such as locations of hosted data, whether vendor claims any ownership rights over data, standard and premium support offered, and the vendor’s policy for responding to requests from law enforcement agencies.

Adam Redman of the ACS recognised the rationale behind a global standard but said the format of the final Australian cloud protocol would ultimately depend on the input received during the dialogue currently underway.

“Given the given the global nature of IT it does make sense to establish a common approach to cloud, without diluting the particularities of a region,” he said.

An Australian Cloud Computing Protocol, as requested by the National Cloud Strategy, is due to take effect in January 2014.