While the relevance of an Opinion of an EU Working Party on data protection (ie privacy) in the Cloud (Opinion) may not be immediately apparent to Australian businesses that do not conduct business or have related entities in the EU, the Opinion furthers the collective thinking on data protection/privacy in the cloud computing environment and considers a number of issues that are relevant in Australia.
Some of the matters addressed by the Working Party in the Opinion are specific to the EU regulations (which differ from Australian privacy law). However, there are a number of matters considered and discussed by the Working Party (eg control, transparency and security) that are equally relevant in and for Australia. I therefore commend to you my EU colleagues' alert on the Opinion here. For a discussion of the privacy issues arising in the cloud under Australian law and the practical means of addressing these issues, please contact me using the email address below to request a copy of my booklet, Clearing the Legal Fog: Cloud Computing Explained.
Finally we note that the Australian Prudential Regulation Authority (APRA), the prudential regulator for much of the financial services sector in Australia, is sending a team to India to evaluate the standards of service providers in that country, which is timely given those service providers' increasing role in providing offshored, outsourced and now cloud services to the financial services sector in Australia. There is little detail on the proposed outcomes of this visit, but it could lead to either an unofficial or official APRA 'seal of approval' for a number of specific providers and/or a toughening of APRA's guidance in respect of governance and security requirements when offshoring, outsourcing or moving into the cloud. If the latter, the revised guidance will ultimately need to tie in with the general privacy requirements of those businesses in Australia regulated by APRA in the financial services space. At this time, however, it is very much a case of 'watch this space'! We will update you as soon as we hear anything further.
© DLA Piper
This publication is intended as a general overview and discussion of the subjects dealt with. It is not intended to be, and should not used as, a substitute for taking legal advice in any specific situation. DLA Piper Australia will accept no responsibility for any actions taken or not taken on the basis of this publication.
DLA Piper Australia is part of DLA Piper, a global law firm, operating through various separate and distinct legal entities. For further information, please refer to www.dlapiper.com
