Data without Borders: Privacy, Data Ownership and Legal Concerns for Data in the Cloud

As cloud storage services became the vehicle of choice for storing and processing large amounts of corporate data, a Chief Information Officer (CIO) or Chief Data Officer (CDO) must ensure that they fully understand the... [ view full abstract ]

As cloud storage services became the vehicle of choice for storing and processing large amounts of corporate data, a Chief Information Officer (CIO) or Chief Data Officer (CDO) must ensure that they fully understand the implications of such a strategy, given the increased focus on data security and the continuously evolving laws and regulations on data privacy and compliance. Global data storage options are readily available through the major cloud providers, each with a variety of storage locations. This paper looks at some of the major location-specific issues that to be considered before making a cloud hosting decision, particularly for storing personally identifiable information (PII). Parallels are drawn between previous issues in the financial sector where multiple jurisdictions are also involved. Several cloud storage issues are discussed including data ownership considerations, access from law enforcement agencies, and the transfer and sharing of data from one location to another. The paper also discusses the complications raised in multi-jurisdictional environment as the landscape is constantly changing when litigation makes its way through the global legal systems for the first time and new laws and regulations are introduced.