There are a number of concerns with cloud computing agreements, one of which is where your data will be stored or processed. Potentially, when utilising storage in the cloud, your data may be located anywhere in the world. This means that your data may be stored in multiple data centres, in multiple copies worldwide. This process, known as “trans-border data flow” could breach various data protection and privacy laws in the various countries your data may be stored in.
A partial solution lies in the Privacy Amendment (Enhancing Privacy Protection Bill 2012) introduced in May 2012 which includes the new Australian Privacy Principles (APP). In particular, APP 8 states that before a company in Australia can export a client’s personal information overseas, it must take reasonable steps to ensure that any overseas recipient will not breach the APPs. Essentially, the APPs introduce vicarious liability for companies in Australia that send data off shore. This provides some peace of mind for Australians utilising the cloud.
If you have any questions about a cloud computing contract, please do not hesitate to contact Sheena Vinden.