Data sovereignty: Whose rules rule in the cloud?
To unthread some of these issues ACCA earlier this year partnered with a leading business consultancy and a law firm to survey 14 markets across the region.
We are developing a great dataset about regulations as they apply to cloud in each market. Our partners will also survey cloud customers to find what problems they have experienced and what their concerns are around data sovereignty.
The report, which is expected to conclude by the end of Q3, will rank each market for its suitability for global data cloud services.
Lawyer and ACCA member Stacy Baird, who is overseeing the project on behalf of ACCA, says ACCA members have expressed growing concern about the issue.
Increasingly, they are hearing questions from their customers: do foreign governments have access to data stored in another country? If my data is stored offshore, does the offshore government have access to the data?
Stacy says what is unusual is that this is a problem that has emerged in Asia and the west at the same time. Historically tech industry problems first arise in North America and Europe, and Asian countries have followed suit.
"In this case, governments around the globe are grappling with these issues," he says. "I think that says a lot about the nature of IT and cloud, that it is truly global."
While the ACCA study will lay out the problems, the solutions are not simple. Asia is a diverse region with almost every possible kind of political and legal structure.
But says many of the region’s governments see the economic significance of the cloud and are willing to take hold of the issue.
"They realise that they want to respond to the changing data management environment," Stacy says. "They’re concerned about data and privacy, but there's a recognition that there’s a major economic growth opportunity.
"It can be an opportunity for positive reform to laws around the world that will preserve sovereignty, protect privacy, but also enable the growth of cloud computing."