A new industry initiative by Amazon, Google and Microsoft, as unveiled on 1st October, aims to establish basic commitments and protections for companies that store and process data in the cloud and set guidelines for working with governments.
The three tech giants, along with several other enterprise companies including Cisco, Salesforce/Slack, SAP, Atlassian, and IBM, have teamed up and agreed to a series of principles related to customer data and government regulations in cloud computing.
What they’re calling ‘The Trusted Cloud Principles’ is said to be a joint commitment from the world’s largest cloud providers to ensure fairness for customers by safeguarding the interests of organizations and the basic rights of individuals using cloud services so that they can accomplish what they need in a safe and secure way.
As part of the initiative, these tech companies have committed to protecting the privacy and security of their customers’ data by calling on governments to “recognise certain baseline protections as they enact laws for the cloud era”.
Together, the group outlined a handful of key principles, including that governments should engage customers first, with only narrow exceptions, customers should have a right to notice, cloud providers should have a right to protect customers’ interests, governments should address conflict of law, and governments should support cross-border data flow.
This initiative comes as companies and government regulators consider how to address a range of cloud computing issues. Everything from where data is stored to when information can be handed over to law enforcement.
Interesting Read: Is Underwater Cloud Computing a Real Thing?
The Trusted Cloud Principles also addressed governmental requests for customer data, with signatories calling on states to seek data directly from enterprise customers rather than cloud service providers. This won’t apply to exceptional circumstances that were not specified by the document, yet are likely to include serious criminal charges.
The signatories stated that, although governments have a legitimate and important interest in protecting the safety and security of their people, there have been cases where they seek to gain access to data under laws that do not adequately protect human rights and the rule of law, and conflict with laws of other countries.
In order to achieve their objectives, the signatories committed to working with the tech sector, public interest groups, and policymakers around the world, particularly in the countries where they operate or plan to operate data centres and cloud infrastructure, to ensure that laws and policies are substantially in line with the principles.
Recommended Read: What is Digital Integration and Why is it Important?