Cloud Computing and Data Sovereignty
For Governments, this is going to be one of the biggest hurdles for Cloud Computing – where is my citizens data. Most counties have rules and regulations about where citizens data can be stored; and using cloud computing where your data could effectively be anywhere is going to be an issue.
There are huge debates that need to be had around this, it is not a question that is going to be solved quickly as the answer is not uniquely technical, legal or policy driven – it is a mixture of all of the above. I don't think the problem is insurmountable at all, regulated industries such as banking who also deal with significant privacy and security issues resolved this years ago. I can get cash from a cashpoint and use my Credit Cards pretty well anywhere in the world, and call centres are often located in different countries.
One announcement that is great to see is that Azure is going to let developers choose which data centers they want their code and data stored in. At the moment Azure is running on two data centers in the US, but more locations outside of the US are planned. This is going to make the Data Sovereignty issue slightly easier in some cases. The legal ramifications of storing UK Citizen data in the US is very different to storing it in another EU country, for example. Also from a technical point of view, being able to locate your code in the same geographical area as your users makes a lot of sense from a performance standpoint.
Hopefully with technical advances like this and engagement with Government policy makers we can overcome these issues.
Comments
Anonymous
March 18, 2009
PingBack from http://www.clickandsolve.com/?p=25108Anonymous
May 13, 2010
This is a fantastic post and it mirrors a larger problem of people being able to control their own data. The only real solution is going to be to have individuals take control of their own data and not let service providers have access to it without agreeing to give them complete control. One could imagine using the tools developed for Digital Rights Management in the record industry to maintain control over personal information proliferation.