SlideShare a Scribd company logo
1
Law & Policy Meets Data in the Cloud:
Data Sovereignty Across Asia
Bernie Trudel
Chairman, Asia Cloud Computing Association
Data, Regulation, Jurisdiction and Cloud:
A “New Geography” Lesson
...and
in Singapore
Cloud Data
Storage
In Japan…
Multinational
Doing Business…
and the Multinational’s
Headquarters in Australia
…and the Cloud
Company
Headquarters
in the U.S…
in Singapore...
in the Philippines...
in Malaysia...
in Thailand...
in Indonesia...
… with servers in the
UK, Germany and the
Netherlands
in Korea...
in Japan...
2
ACCA Report: Key Findings
There are no prohibitions on the use of
cloud services in any country studied.
Let me repeat…
There are no prohibitions on the use of
cloud services in any country studied.
The Rush to regulate is leading to unclear
& inconsistent laws, particularly as to
Cross-Border data flow
ACCA Report: Biggest Challenge
“Many countries are... witnessing a lot of changes with many new regulations [on “cross border
data transfer, taxation, data sovereignty… effective this year or in the next few years]…” (p.20)
This is the “biggest hurdle.” (p. 80)
“Since [FSI] legal requirements may differ significantly from one country to another, companies… find
it difficult to organize cloud services for the whole enterprise [to comply in all] relevant
jurisdictions.” (p.21)
“As [Telecommunications] legal environments differ in different territories, there is a huge challenge of
harmonising and satisfying requirements across these territories.” (p. 21).
4
The report shows that Leading countries…
• “…proactively support the adoption and growth of cloud computing.” (p.16)
• Have “minimal restrictions on international data transfer” (p.15)
• Have “comprehensive and mature data protection legislation in place”
(p.14 & 15) and
• Have “business friendly regulations and major initiatives on cloud
computing” (p.14)
Leading countries in Asia are ideally
positioned to provide a model for a
Data Sovereignty FRAMEWORK.
5
ACCA Report: Roadmap to a Framework
A deeper look at why businesses care?
More than ever, IT choices will be made by the business and legal
teams
Business benefits drive
Risk v. Benefit analysis
Compliance requirements
Reputation
HR
IT department are now sharing due-diligence and risk assessment
responsibilities with the business decision-makers and legal departments
6
 Life in the multinational: Its all global now
 This has been done for decades by industry on captive
systems
 As recognised by APEC, TPP and AEC: efficiencies &
benefits of cloud computing are best achieved when
data – information – flows freely across borders
 The audit trail is key – and outsourcing guidelines
address this.
The Business Analysis:
Cross - Border Data Flows: Nothing New?
7
Howdogovernmentslookatcloudcomputing?
8
Whatarethelaws
thatimpactdatain
thecloud?
9
10
Whatarethelaws
thatimpactdatain
thecloud?
What are the main Data Sovereignty issues?
11
 Domestic Regulatory Compliance:
Confidentiality, availability,
retention, audit
 Jurisdiction claimed by other
countries
 Data leakage from the organization
(risks to privacy)
 Liability, remedies, warranties,
insurance
 Consistency of laws across
jurisdictions as applied to data
• 2013 Philippines: Recognizing cloud will help smaller banks, Bangko Sentral
ng Pilipinas (BSP) new IT regulatory framework allows banks to use cloud
computing; BSP recognizes some types of bank data appropriate for public
cloud, some only for private cloud.
• 2012 Singapore: Data stored offshore must be protected by law comparable to
Singapore’s – but you can seek an exemption from the government. Banking
regulations allow use of cloud computing.
• India 2011“Privacy Rules revised in 2012 to exempt “data outsourcing.”
• 2012 Philippines: Data Privacy Act applies to extraterritorial data storage if
data is about a Philippine citizen/resident, but not to residents of foreign
jurisdictions.”
• 2012 Australia: Businesses must take reasonable steps to destroy or
permanently de-identify personal information that is no longer needed. Cloud
customer held “strictly liable” for violations by cloud provider.
• EU and elsewhere looking to enact Data Purging laws, sometimes described
as “right to be forgotten.”
Anecdotally: Governments are revising rules but…
Little Harmony in a Web of Laws
12
 Distinguish truth from myths & misunderstandings
 Understand the customer’s regulatory challenges
 Understand the business and technology
 Understand the need for regulatory consistency across
the region
ACCA can contribute to a better understanding, and
ultimately, to better laws and regulations.
Harmonization: Steps to Improve Asia’s Regulatory
Environment
13
Objective: Understanding, Explaining & Improving
Asia’s Regulatory Landscape
 Develop a factual understanding of the regulatory landscape for 14 counties
 Recommendations to bring each country closer to the Ideal
 Australia
 China
 Hong Kong
 India
 Indonesia
 Japan
 Malaysia
 New Zealand
 Philippines
 Singapore
 South Korea
 Taiwan
 Thailand
 Vietnam
14
Data Sovereignty
Research
15
A major global research firm
14 Countries
700 man hours
A major regional law firm In-country resources
68 Questions 300 page SUMMARY of responses
100 page report.
Regulatory Stability and
Enforcement: Legal
environment is predictable,
fair, and aligned with
international regulations.
International consistency:
Regulations are clear, well
understood, reasonable to
comply with, and aligned
to global norms.
Data Safety: Data is
safe from access and
liability regulations.
Cross Border Movement:
Consumers can leverage
cloud providers from other
jurisdictions.
The “Ideal State” for Cloud Computing
16
Cloud Access:
Regulations support the
use of cloud computing
An Emerging Digital Divide of Leaders and Followers
Asia’s 14 countries fall into two groups: “Leaders” and “Followers”
Relative cross border movement score
Relativelegalenvironment
(Internationalconsistency&regulatorystability/enforcement)
(Size of bubble indicates relative average of data safety and cloud access scores.)
Australia
China
Hong Kong
India
Japan
Malaysia
New Zealand
Philippines
Singapore
South Korea
Taiwan
Thailand
Vietnam
Indonesia
18
Factor Leaders Followers
Data protection law Clear data protection law with reasonable
requirements that correspond to globally
accepted best-practices
No formal data protection law
Protected data elements Personal Identifiable Information (PII) is
defined and subject to regulations consistent
with international or regional guidelines (such
as APEC and OECD)
Inconsistent or not clearly defined
Applicability of cloud
computing regulations
Clearly understood what laws affect cloud
computing users and providers; in addition,
laws are technology neutral and do not
discriminate between technical options,
except where justified
Unclear what applies (i.e.,
telecommunications laws) or laws that
restrict cloud usage
Law transparency Laws are introduced in a transparent manner
with public input
Little consultation or advance notice
provided
Censorship No filtering or censoring requirements by
Internet Service Provider or Cloud Service
Providers
Mandatory filtering and / or censoring
requirements
Transfer of data outside of
jurisdiction
Can be accomplished with reasonable
controls
Not clear or involves onerous
requirements
Effective agency (or
regulator)
Enforcement conducted in fair and impartial
manner
Ad-hoc enforcement; varying
enforcement between different agencies
of the same government; regulators have
high degree of discretion over
enforcement decisions and regulatory
interpretation, with little accountability
or public scrutiny
Product preference No country specific technical requirements
that would require changes to the standard
product
technical restrictions that may require
country-specific changes to standard
product
Localization requirements No discrimination between local and foreign
service provider
Foreign Cloud service providers may be
subject to additional requirements and /
or restrictions than local providers
Distinguishing Leaders from Followers
Stay competitive
20
Potential for Leadership: The best ideas
in Asia can become the FRAMEWORK
for Data Sovereignty
End the rush to regulate: thoughtfully
rewrite laws that are unclear &
inconsistent
ACCA Recommendations
Final Thoughts
 Simplifying Data Sovereignty
“Ideal” State
Road map for regulators
Toward a Framework
Eliminating Confusion and mis-perceptions
It’s a good news story that we’ll make great
21
Asia Cloud Computing Association
Mission: to accelerate cloud-computing
adoption across the region of Asia Pacific by
engaging stakeholders, providing tools to
remove barriers and demonstrating the
benefits of adoption.
Vision: become the leading influencing
industry voice on cloud-computing promotion
and governance to business, government and
citizens in Asia
Cloud Readiness
Index Public Policy
Newsletter
SME Cloud Index
SME Resource
Centre
Cloud Assessment Tool
Service Provider Index
Advocacy
Stakeholder
engagement
DRIVING ADOPTION
22
DATA SOVEREIGNTY
Data Sovereignty
Study and Scorecard
23

More Related Content

What's hot

2011-2012 Cloud Assessment Tool (CAT) White Paper
2011-2012 Cloud Assessment Tool (CAT) White Paper2011-2012 Cloud Assessment Tool (CAT) White Paper
2011-2012 Cloud Assessment Tool (CAT) White Paper
accacloud
 
2015 Asia's Financial Services: Ready for the Cloud - A Report on FSI Regulat...
2015 Asia's Financial Services: Ready for the Cloud - A Report on FSI Regulat...2015 Asia's Financial Services: Ready for the Cloud - A Report on FSI Regulat...
2015 Asia's Financial Services: Ready for the Cloud - A Report on FSI Regulat...
accacloud
 
Towards Better Patient Outcomes and Staying Well: The Promise of Cloud Comput...
Towards Better Patient Outcomes and Staying Well: The Promise of Cloud Comput...Towards Better Patient Outcomes and Staying Well: The Promise of Cloud Comput...
Towards Better Patient Outcomes and Staying Well: The Promise of Cloud Comput...
accacloud
 
Cloud-Enabled Enterprise Transformation: Driving Agility, Innovation and Growth
Cloud-Enabled Enterprise Transformation: Driving Agility, Innovation and GrowthCloud-Enabled Enterprise Transformation: Driving Agility, Innovation and Growth
Cloud-Enabled Enterprise Transformation: Driving Agility, Innovation and Growth
Cognizant
 
Porticor - Can Data be safe in Public Clouds, in Compliance with Standards
Porticor - Can Data be safe in Public Clouds, in Compliance with StandardsPorticor - Can Data be safe in Public Clouds, in Compliance with Standards
Porticor - Can Data be safe in Public Clouds, in Compliance with Standards
giladpn
 
Secure Cloud Computing
Secure Cloud ComputingSecure Cloud Computing
Secure Cloud Computing
Alasdair Kilgour
 
2018 Cross-Border Data Flows: A Review of the Regulatory Enablers, Blockers, ...
2018 Cross-Border Data Flows: A Review of the Regulatory Enablers, Blockers, ...2018 Cross-Border Data Flows: A Review of the Regulatory Enablers, Blockers, ...
2018 Cross-Border Data Flows: A Review of the Regulatory Enablers, Blockers, ...
accacloud
 
Asia's Financial Services on the Cloud 2018: Regulatory Landscape Impacting t...
Asia's Financial Services on the Cloud 2018: Regulatory Landscape Impacting t...Asia's Financial Services on the Cloud 2018: Regulatory Landscape Impacting t...
Asia's Financial Services on the Cloud 2018: Regulatory Landscape Impacting t...
accacloud
 
Cloud Readiness Index 2016 by the Asia Cloud Computing Association
Cloud Readiness Index 2016 by the Asia Cloud Computing AssociationCloud Readiness Index 2016 by the Asia Cloud Computing Association
Cloud Readiness Index 2016 by the Asia Cloud Computing Association
accacloud
 
Building Trust into eInvoicing: Key Requirements and Strategies
Building Trust into eInvoicing: Key Requirements and StrategiesBuilding Trust into eInvoicing: Key Requirements and Strategies
Building Trust into eInvoicing: Key Requirements and Strategies
SafeNet
 
Report on Cloud Data Regulations 2014: A contribution on how to reduce the co...
Report on Cloud Data Regulations 2014: A contribution on how to reduce the co...Report on Cloud Data Regulations 2014: A contribution on how to reduce the co...
Report on Cloud Data Regulations 2014: A contribution on how to reduce the co...
accacloud
 
Regulating for a Digital Economy: Understanding the Importance of Cross-Borde...
Regulating for a Digital Economy: Understanding the Importance of Cross-Borde...Regulating for a Digital Economy: Understanding the Importance of Cross-Borde...
Regulating for a Digital Economy: Understanding the Importance of Cross-Borde...
accacloud
 
SMEs in Asia Pacific: The Market for Cloud Computing - Case Studies of 14 mar...
SMEs in Asia Pacific: The Market for Cloud Computing - Case Studies of 14 mar...SMEs in Asia Pacific: The Market for Cloud Computing - Case Studies of 14 mar...
SMEs in Asia Pacific: The Market for Cloud Computing - Case Studies of 14 mar...
accacloud
 
3 Steps to Successful Business Expansion to Japan [WHITEPAPER]
3 Steps to Successful Business Expansion to Japan [WHITEPAPER]3 Steps to Successful Business Expansion to Japan [WHITEPAPER]
3 Steps to Successful Business Expansion to Japan [WHITEPAPER]
KVH Co. Ltd.
 
understanding and Leveraging Cloud Xcomputing
understanding and Leveraging Cloud Xcomputingunderstanding and Leveraging Cloud Xcomputing
understanding and Leveraging Cloud Xcomputing
IBM India Smarter Computing
 
IDC FutureScape Exec Summary Cloud
IDC FutureScape Exec Summary CloudIDC FutureScape Exec Summary Cloud
IDC FutureScape Exec Summary Cloud
Dean Bonehill ♠Technology for Business♠
 
Cloud Readiness Index 2012 by the Asia Cloud Computing Association
Cloud Readiness Index 2012 by the Asia Cloud Computing AssociationCloud Readiness Index 2012 by the Asia Cloud Computing Association
Cloud Readiness Index 2012 by the Asia Cloud Computing Association
accacloud
 
Cloud adoption in utility industry 2016
Cloud adoption in utility industry 2016Cloud adoption in utility industry 2016
Cloud adoption in utility industry 2016
Stephen Heron
 
Asia Cloud Computing Association’s (ACCA) Response to the Merchant Acquiring ...
Asia Cloud Computing Association’s (ACCA) Response to the Merchant Acquiring ...Asia Cloud Computing Association’s (ACCA) Response to the Merchant Acquiring ...
Asia Cloud Computing Association’s (ACCA) Response to the Merchant Acquiring ...
accacloud
 
Asia Cloud Computing Association’s (ACCA) Response to India’s Draft Health Da...
Asia Cloud Computing Association’s (ACCA) Response to India’s Draft Health Da...Asia Cloud Computing Association’s (ACCA) Response to India’s Draft Health Da...
Asia Cloud Computing Association’s (ACCA) Response to India’s Draft Health Da...
accacloud
 

What's hot (20)

2011-2012 Cloud Assessment Tool (CAT) White Paper
2011-2012 Cloud Assessment Tool (CAT) White Paper2011-2012 Cloud Assessment Tool (CAT) White Paper
2011-2012 Cloud Assessment Tool (CAT) White Paper
 
2015 Asia's Financial Services: Ready for the Cloud - A Report on FSI Regulat...
2015 Asia's Financial Services: Ready for the Cloud - A Report on FSI Regulat...2015 Asia's Financial Services: Ready for the Cloud - A Report on FSI Regulat...
2015 Asia's Financial Services: Ready for the Cloud - A Report on FSI Regulat...
 
Towards Better Patient Outcomes and Staying Well: The Promise of Cloud Comput...
Towards Better Patient Outcomes and Staying Well: The Promise of Cloud Comput...Towards Better Patient Outcomes and Staying Well: The Promise of Cloud Comput...
Towards Better Patient Outcomes and Staying Well: The Promise of Cloud Comput...
 
Cloud-Enabled Enterprise Transformation: Driving Agility, Innovation and Growth
Cloud-Enabled Enterprise Transformation: Driving Agility, Innovation and GrowthCloud-Enabled Enterprise Transformation: Driving Agility, Innovation and Growth
Cloud-Enabled Enterprise Transformation: Driving Agility, Innovation and Growth
 
Porticor - Can Data be safe in Public Clouds, in Compliance with Standards
Porticor - Can Data be safe in Public Clouds, in Compliance with StandardsPorticor - Can Data be safe in Public Clouds, in Compliance with Standards
Porticor - Can Data be safe in Public Clouds, in Compliance with Standards
 
Secure Cloud Computing
Secure Cloud ComputingSecure Cloud Computing
Secure Cloud Computing
 
2018 Cross-Border Data Flows: A Review of the Regulatory Enablers, Blockers, ...
2018 Cross-Border Data Flows: A Review of the Regulatory Enablers, Blockers, ...2018 Cross-Border Data Flows: A Review of the Regulatory Enablers, Blockers, ...
2018 Cross-Border Data Flows: A Review of the Regulatory Enablers, Blockers, ...
 
Asia's Financial Services on the Cloud 2018: Regulatory Landscape Impacting t...
Asia's Financial Services on the Cloud 2018: Regulatory Landscape Impacting t...Asia's Financial Services on the Cloud 2018: Regulatory Landscape Impacting t...
Asia's Financial Services on the Cloud 2018: Regulatory Landscape Impacting t...
 
Cloud Readiness Index 2016 by the Asia Cloud Computing Association
Cloud Readiness Index 2016 by the Asia Cloud Computing AssociationCloud Readiness Index 2016 by the Asia Cloud Computing Association
Cloud Readiness Index 2016 by the Asia Cloud Computing Association
 
Building Trust into eInvoicing: Key Requirements and Strategies
Building Trust into eInvoicing: Key Requirements and StrategiesBuilding Trust into eInvoicing: Key Requirements and Strategies
Building Trust into eInvoicing: Key Requirements and Strategies
 
Report on Cloud Data Regulations 2014: A contribution on how to reduce the co...
Report on Cloud Data Regulations 2014: A contribution on how to reduce the co...Report on Cloud Data Regulations 2014: A contribution on how to reduce the co...
Report on Cloud Data Regulations 2014: A contribution on how to reduce the co...
 
Regulating for a Digital Economy: Understanding the Importance of Cross-Borde...
Regulating for a Digital Economy: Understanding the Importance of Cross-Borde...Regulating for a Digital Economy: Understanding the Importance of Cross-Borde...
Regulating for a Digital Economy: Understanding the Importance of Cross-Borde...
 
SMEs in Asia Pacific: The Market for Cloud Computing - Case Studies of 14 mar...
SMEs in Asia Pacific: The Market for Cloud Computing - Case Studies of 14 mar...SMEs in Asia Pacific: The Market for Cloud Computing - Case Studies of 14 mar...
SMEs in Asia Pacific: The Market for Cloud Computing - Case Studies of 14 mar...
 
3 Steps to Successful Business Expansion to Japan [WHITEPAPER]
3 Steps to Successful Business Expansion to Japan [WHITEPAPER]3 Steps to Successful Business Expansion to Japan [WHITEPAPER]
3 Steps to Successful Business Expansion to Japan [WHITEPAPER]
 
understanding and Leveraging Cloud Xcomputing
understanding and Leveraging Cloud Xcomputingunderstanding and Leveraging Cloud Xcomputing
understanding and Leveraging Cloud Xcomputing
 
IDC FutureScape Exec Summary Cloud
IDC FutureScape Exec Summary CloudIDC FutureScape Exec Summary Cloud
IDC FutureScape Exec Summary Cloud
 
Cloud Readiness Index 2012 by the Asia Cloud Computing Association
Cloud Readiness Index 2012 by the Asia Cloud Computing AssociationCloud Readiness Index 2012 by the Asia Cloud Computing Association
Cloud Readiness Index 2012 by the Asia Cloud Computing Association
 
Cloud adoption in utility industry 2016
Cloud adoption in utility industry 2016Cloud adoption in utility industry 2016
Cloud adoption in utility industry 2016
 
Asia Cloud Computing Association’s (ACCA) Response to the Merchant Acquiring ...
Asia Cloud Computing Association’s (ACCA) Response to the Merchant Acquiring ...Asia Cloud Computing Association’s (ACCA) Response to the Merchant Acquiring ...
Asia Cloud Computing Association’s (ACCA) Response to the Merchant Acquiring ...
 
Asia Cloud Computing Association’s (ACCA) Response to India’s Draft Health Da...
Asia Cloud Computing Association’s (ACCA) Response to India’s Draft Health Da...Asia Cloud Computing Association’s (ACCA) Response to India’s Draft Health Da...
Asia Cloud Computing Association’s (ACCA) Response to India’s Draft Health Da...
 

Similar to 26 Nov 2013 - Law and Policy Meet the Cloud, by Bernie Trudel [IIC-TRPC Singapore Forum]

The Impact of Data Sovereignty on Cloud Computing in Asia 2013
The Impact of Data Sovereignty on Cloud Computing in Asia 2013The Impact of Data Sovereignty on Cloud Computing in Asia 2013
The Impact of Data Sovereignty on Cloud Computing in Asia 2013
FairTechInstitute
 
Data Residency: Challenges and the Need for Standards
Data Residency: Challenges and the Need for StandardsData Residency: Challenges and the Need for Standards
Data Residency: Challenges and the Need for Standards
Cloud Standards Customer Council
 
Compliance policies and procedures followed in data centers
Compliance policies and procedures followed in data centersCompliance policies and procedures followed in data centers
Compliance policies and procedures followed in data centers
Livin Jose
 
"Data Breaches & the Upcoming Data Protection Legal Framework: What’s the Buz...
"Data Breaches & the Upcoming Data Protection Legal Framework: What’s the Buz..."Data Breaches & the Upcoming Data Protection Legal Framework: What’s the Buz...
"Data Breaches & the Upcoming Data Protection Legal Framework: What’s the Buz...
Cédric Laurant
 
Banking Cores and Clouds in Asia Pacific: understanding Banks Use of Cloud Co...
Banking Cores and Clouds in Asia Pacific: understanding Banks Use of Cloud Co...Banking Cores and Clouds in Asia Pacific: understanding Banks Use of Cloud Co...
Banking Cores and Clouds in Asia Pacific: understanding Banks Use of Cloud Co...
Samia Kenley
 
Personal Data: Globalisation or Localisation (Gary Brown at Westinghouse)
Personal Data: Globalisation or Localisation (Gary Brown at Westinghouse)Personal Data: Globalisation or Localisation (Gary Brown at Westinghouse)
Personal Data: Globalisation or Localisation (Gary Brown at Westinghouse)
Executive Leaders Network
 
The future of regulation: Principles for regulating emerging technologies
The future of regulation: Principles for regulating emerging technologiesThe future of regulation: Principles for regulating emerging technologies
The future of regulation: Principles for regulating emerging technologies
Deloitte United States
 
Legal Framework for Cloud Computing Cebit May 31 2011 Sydney
Legal Framework for Cloud Computing Cebit May 31 2011 SydneyLegal Framework for Cloud Computing Cebit May 31 2011 Sydney
Legal Framework for Cloud Computing Cebit May 31 2011 Sydney
anthonywong
 
IEEE PHM Cloud Computing
IEEE PHM Cloud ComputingIEEE PHM Cloud Computing
IEEE PHM Cloud Computing
Joseph Williams
 
Session 2 ure_changingrules_final
Session 2 ure_changingrules_finalSession 2 ure_changingrules_final
Session 2 ure_changingrules_final
TRPC Pte Ltd
 
2015-0318 GAC Presentation - BCR - 05052015
2015-0318 GAC Presentation - BCR - 050520152015-0318 GAC Presentation - BCR - 05052015
2015-0318 GAC Presentation - BCR - 05052015
Jan Dhont
 
The Impact of Blockchain on Data Privacy Regulations.pdf
The Impact of Blockchain on Data Privacy Regulations.pdfThe Impact of Blockchain on Data Privacy Regulations.pdf
The Impact of Blockchain on Data Privacy Regulations.pdf
Liveplex
 
Data Privacy in the Cloud.pdf
Data Privacy in the Cloud.pdfData Privacy in the Cloud.pdf
Data Privacy in the Cloud.pdf
accacloud
 
Machine Intelligence and the Legal Profession - John O. McGinnis - June 2016 ...
Machine Intelligence and the Legal Profession - John O. McGinnis - June 2016 ...Machine Intelligence and the Legal Profession - John O. McGinnis - June 2016 ...
Machine Intelligence and the Legal Profession - John O. McGinnis - June 2016 ...
OECD Directorate for Financial and Enterprise Affairs
 
General Data Protection Regulation (GDPR) Implications for Canadian Firms
General Data Protection Regulation (GDPR) Implications for Canadian FirmsGeneral Data Protection Regulation (GDPR) Implications for Canadian Firms
General Data Protection Regulation (GDPR) Implications for Canadian Firms
accenture
 
Privacy issues in data analytics
Privacy issues in data analyticsPrivacy issues in data analytics
Privacy issues in data analytics
shekharkanodia
 
Trends in legal tech 2018
Trends in legal tech 2018Trends in legal tech 2018
Trends in legal tech 2018
Dan Storbaek
 
Trends in legal tech 2018
Trends in legal tech 2018Trends in legal tech 2018
Trends in legal tech 2018
Secure Privacy
 
Trends in Law Practice Management – Calculating the Risks
Trends in Law Practice Management – Calculating the RisksTrends in Law Practice Management – Calculating the Risks
Trends in Law Practice Management – Calculating the Risks
Nicole Garton
 
How IBM Supports Clients around GDPR and Cybersecurity Legislation
How IBM Supports Clients around GDPR and Cybersecurity LegislationHow IBM Supports Clients around GDPR and Cybersecurity Legislation
How IBM Supports Clients around GDPR and Cybersecurity Legislation
IBM Security
 

Similar to 26 Nov 2013 - Law and Policy Meet the Cloud, by Bernie Trudel [IIC-TRPC Singapore Forum] (20)

The Impact of Data Sovereignty on Cloud Computing in Asia 2013
The Impact of Data Sovereignty on Cloud Computing in Asia 2013The Impact of Data Sovereignty on Cloud Computing in Asia 2013
The Impact of Data Sovereignty on Cloud Computing in Asia 2013
 
Data Residency: Challenges and the Need for Standards
Data Residency: Challenges and the Need for StandardsData Residency: Challenges and the Need for Standards
Data Residency: Challenges and the Need for Standards
 
Compliance policies and procedures followed in data centers
Compliance policies and procedures followed in data centersCompliance policies and procedures followed in data centers
Compliance policies and procedures followed in data centers
 
"Data Breaches & the Upcoming Data Protection Legal Framework: What’s the Buz...
"Data Breaches & the Upcoming Data Protection Legal Framework: What’s the Buz..."Data Breaches & the Upcoming Data Protection Legal Framework: What’s the Buz...
"Data Breaches & the Upcoming Data Protection Legal Framework: What’s the Buz...
 
Banking Cores and Clouds in Asia Pacific: understanding Banks Use of Cloud Co...
Banking Cores and Clouds in Asia Pacific: understanding Banks Use of Cloud Co...Banking Cores and Clouds in Asia Pacific: understanding Banks Use of Cloud Co...
Banking Cores and Clouds in Asia Pacific: understanding Banks Use of Cloud Co...
 
Personal Data: Globalisation or Localisation (Gary Brown at Westinghouse)
Personal Data: Globalisation or Localisation (Gary Brown at Westinghouse)Personal Data: Globalisation or Localisation (Gary Brown at Westinghouse)
Personal Data: Globalisation or Localisation (Gary Brown at Westinghouse)
 
The future of regulation: Principles for regulating emerging technologies
The future of regulation: Principles for regulating emerging technologiesThe future of regulation: Principles for regulating emerging technologies
The future of regulation: Principles for regulating emerging technologies
 
Legal Framework for Cloud Computing Cebit May 31 2011 Sydney
Legal Framework for Cloud Computing Cebit May 31 2011 SydneyLegal Framework for Cloud Computing Cebit May 31 2011 Sydney
Legal Framework for Cloud Computing Cebit May 31 2011 Sydney
 
IEEE PHM Cloud Computing
IEEE PHM Cloud ComputingIEEE PHM Cloud Computing
IEEE PHM Cloud Computing
 
Session 2 ure_changingrules_final
Session 2 ure_changingrules_finalSession 2 ure_changingrules_final
Session 2 ure_changingrules_final
 
2015-0318 GAC Presentation - BCR - 05052015
2015-0318 GAC Presentation - BCR - 050520152015-0318 GAC Presentation - BCR - 05052015
2015-0318 GAC Presentation - BCR - 05052015
 
The Impact of Blockchain on Data Privacy Regulations.pdf
The Impact of Blockchain on Data Privacy Regulations.pdfThe Impact of Blockchain on Data Privacy Regulations.pdf
The Impact of Blockchain on Data Privacy Regulations.pdf
 
Data Privacy in the Cloud.pdf
Data Privacy in the Cloud.pdfData Privacy in the Cloud.pdf
Data Privacy in the Cloud.pdf
 
Machine Intelligence and the Legal Profession - John O. McGinnis - June 2016 ...
Machine Intelligence and the Legal Profession - John O. McGinnis - June 2016 ...Machine Intelligence and the Legal Profession - John O. McGinnis - June 2016 ...
Machine Intelligence and the Legal Profession - John O. McGinnis - June 2016 ...
 
General Data Protection Regulation (GDPR) Implications for Canadian Firms
General Data Protection Regulation (GDPR) Implications for Canadian FirmsGeneral Data Protection Regulation (GDPR) Implications for Canadian Firms
General Data Protection Regulation (GDPR) Implications for Canadian Firms
 
Privacy issues in data analytics
Privacy issues in data analyticsPrivacy issues in data analytics
Privacy issues in data analytics
 
Trends in legal tech 2018
Trends in legal tech 2018Trends in legal tech 2018
Trends in legal tech 2018
 
Trends in legal tech 2018
Trends in legal tech 2018Trends in legal tech 2018
Trends in legal tech 2018
 
Trends in Law Practice Management – Calculating the Risks
Trends in Law Practice Management – Calculating the RisksTrends in Law Practice Management – Calculating the Risks
Trends in Law Practice Management – Calculating the Risks
 
How IBM Supports Clients around GDPR and Cybersecurity Legislation
How IBM Supports Clients around GDPR and Cybersecurity LegislationHow IBM Supports Clients around GDPR and Cybersecurity Legislation
How IBM Supports Clients around GDPR and Cybersecurity Legislation
 

More from accacloud

ACCA Concept Note on The Role of the Cloud in Meeting Sustainable Development...
ACCA Concept Note on The Role of the Cloud in Meeting Sustainable Development...ACCA Concept Note on The Role of the Cloud in Meeting Sustainable Development...
ACCA Concept Note on The Role of the Cloud in Meeting Sustainable Development...
accacloud
 
Asia Cloud Computing Association's Financial Services in the Cloud Report 202...
Asia Cloud Computing Association's Financial Services in the Cloud Report 202...Asia Cloud Computing Association's Financial Services in the Cloud Report 202...
Asia Cloud Computing Association's Financial Services in the Cloud Report 202...
accacloud
 
Asia Cloud Computing Association’s (ACCA) Response to the Draft Indonesian Mi...
Asia Cloud Computing Association’s (ACCA) Response to the Draft Indonesian Mi...Asia Cloud Computing Association’s (ACCA) Response to the Draft Indonesian Mi...
Asia Cloud Computing Association’s (ACCA) Response to the Draft Indonesian Mi...
accacloud
 
Global Industry Calls for Timely and Ambitious Expansion of Participation in ...
Global Industry Calls for Timely and Ambitious Expansion of Participation in ...Global Industry Calls for Timely and Ambitious Expansion of Participation in ...
Global Industry Calls for Timely and Ambitious Expansion of Participation in ...
accacloud
 
Cloud Readiness Index 2016 - Japanese version クラウド推進普及状況
Cloud Readiness Index 2016 - Japanese version クラウド推進普及状況Cloud Readiness Index 2016 - Japanese version クラウド推進普及状況
Cloud Readiness Index 2016 - Japanese version クラウド推進普及状況
accacloud
 
Data Analytics to Bridge Knowledge Gaps 2016 - An ACCA White Paper on Supply ...
Data Analytics to Bridge Knowledge Gaps 2016 - An ACCA White Paper on Supply ...Data Analytics to Bridge Knowledge Gaps 2016 - An ACCA White Paper on Supply ...
Data Analytics to Bridge Knowledge Gaps 2016 - An ACCA White Paper on Supply ...
accacloud
 
Cloud Readiness Index 2011 by the Asia Cloud Computing Association
Cloud Readiness Index 2011 by the Asia Cloud Computing AssociationCloud Readiness Index 2011 by the Asia Cloud Computing Association
Cloud Readiness Index 2011 by the Asia Cloud Computing Association
accacloud
 
2011 The Cloud Map by the Asia Cloud Computing Association
2011 The Cloud Map by the Asia Cloud Computing Association2011 The Cloud Map by the Asia Cloud Computing Association
2011 The Cloud Map by the Asia Cloud Computing Association
accacloud
 
2014 Managing Cloud: A New Multidisciplinary Paradigm for Policymakers
2014 Managing Cloud: A New Multidisciplinary Paradigm for Policymakers2014 Managing Cloud: A New Multidisciplinary Paradigm for Policymakers
2014 Managing Cloud: A New Multidisciplinary Paradigm for Policymakers
accacloud
 

More from accacloud (9)

ACCA Concept Note on The Role of the Cloud in Meeting Sustainable Development...
ACCA Concept Note on The Role of the Cloud in Meeting Sustainable Development...ACCA Concept Note on The Role of the Cloud in Meeting Sustainable Development...
ACCA Concept Note on The Role of the Cloud in Meeting Sustainable Development...
 
Asia Cloud Computing Association's Financial Services in the Cloud Report 202...
Asia Cloud Computing Association's Financial Services in the Cloud Report 202...Asia Cloud Computing Association's Financial Services in the Cloud Report 202...
Asia Cloud Computing Association's Financial Services in the Cloud Report 202...
 
Asia Cloud Computing Association’s (ACCA) Response to the Draft Indonesian Mi...
Asia Cloud Computing Association’s (ACCA) Response to the Draft Indonesian Mi...Asia Cloud Computing Association’s (ACCA) Response to the Draft Indonesian Mi...
Asia Cloud Computing Association’s (ACCA) Response to the Draft Indonesian Mi...
 
Global Industry Calls for Timely and Ambitious Expansion of Participation in ...
Global Industry Calls for Timely and Ambitious Expansion of Participation in ...Global Industry Calls for Timely and Ambitious Expansion of Participation in ...
Global Industry Calls for Timely and Ambitious Expansion of Participation in ...
 
Cloud Readiness Index 2016 - Japanese version クラウド推進普及状況
Cloud Readiness Index 2016 - Japanese version クラウド推進普及状況Cloud Readiness Index 2016 - Japanese version クラウド推進普及状況
Cloud Readiness Index 2016 - Japanese version クラウド推進普及状況
 
Data Analytics to Bridge Knowledge Gaps 2016 - An ACCA White Paper on Supply ...
Data Analytics to Bridge Knowledge Gaps 2016 - An ACCA White Paper on Supply ...Data Analytics to Bridge Knowledge Gaps 2016 - An ACCA White Paper on Supply ...
Data Analytics to Bridge Knowledge Gaps 2016 - An ACCA White Paper on Supply ...
 
Cloud Readiness Index 2011 by the Asia Cloud Computing Association
Cloud Readiness Index 2011 by the Asia Cloud Computing AssociationCloud Readiness Index 2011 by the Asia Cloud Computing Association
Cloud Readiness Index 2011 by the Asia Cloud Computing Association
 
2011 The Cloud Map by the Asia Cloud Computing Association
2011 The Cloud Map by the Asia Cloud Computing Association2011 The Cloud Map by the Asia Cloud Computing Association
2011 The Cloud Map by the Asia Cloud Computing Association
 
2014 Managing Cloud: A New Multidisciplinary Paradigm for Policymakers
2014 Managing Cloud: A New Multidisciplinary Paradigm for Policymakers2014 Managing Cloud: A New Multidisciplinary Paradigm for Policymakers
2014 Managing Cloud: A New Multidisciplinary Paradigm for Policymakers
 

Recently uploaded

leewayhertz.com-AI agents for healthcare Applications benefits and implementa...
leewayhertz.com-AI agents for healthcare Applications benefits and implementa...leewayhertz.com-AI agents for healthcare Applications benefits and implementa...
leewayhertz.com-AI agents for healthcare Applications benefits and implementa...
alexjohnson7307
 
leewayhertz.com-Generative AI tech stack Frameworks infrastructure models and...
leewayhertz.com-Generative AI tech stack Frameworks infrastructure models and...leewayhertz.com-Generative AI tech stack Frameworks infrastructure models and...
leewayhertz.com-Generative AI tech stack Frameworks infrastructure models and...
alexjohnson7307
 
Generative AI Reasoning Tech Talk - July 2024
Generative AI Reasoning Tech Talk - July 2024Generative AI Reasoning Tech Talk - July 2024
Generative AI Reasoning Tech Talk - July 2024
siddu769252
 
Mule Experience Hub and Release Channel with Java 17
Mule Experience Hub and Release Channel with Java 17Mule Experience Hub and Release Channel with Java 17
Mule Experience Hub and Release Channel with Java 17
Bhajan Mehta
 
Improving Learning Content Efficiency with Reusable Learning Content
Improving Learning Content Efficiency with Reusable Learning ContentImproving Learning Content Efficiency with Reusable Learning Content
Improving Learning Content Efficiency with Reusable Learning Content
Enterprise Knowledge
 
Opencast Summit 2024 — Opencast @ University of Münster
Opencast Summit 2024 — Opencast @ University of MünsterOpencast Summit 2024 — Opencast @ University of Münster
Opencast Summit 2024 — Opencast @ University of Münster
Matthias Neugebauer
 
Girls call Kolkata 👀 XXXXXXXXXXX 👀 Rs.9.5 K Cash Payment With Room Delivery
Girls call Kolkata 👀 XXXXXXXXXXX 👀 Rs.9.5 K Cash Payment With Room Delivery Girls call Kolkata 👀 XXXXXXXXXXX 👀 Rs.9.5 K Cash Payment With Room Delivery
Girls call Kolkata 👀 XXXXXXXXXXX 👀 Rs.9.5 K Cash Payment With Room Delivery
sunilverma7884
 
Russian Girls Call Navi Mumbai 🎈🔥9920725232 🔥💋🎈 Provide Best And Top Girl Ser...
Russian Girls Call Navi Mumbai 🎈🔥9920725232 🔥💋🎈 Provide Best And Top Girl Ser...Russian Girls Call Navi Mumbai 🎈🔥9920725232 🔥💋🎈 Provide Best And Top Girl Ser...
Russian Girls Call Navi Mumbai 🎈🔥9920725232 🔥💋🎈 Provide Best And Top Girl Ser...
bellared2
 
Semantic-Aware Code Model: Elevating the Future of Software Development
Semantic-Aware Code Model: Elevating the Future of Software DevelopmentSemantic-Aware Code Model: Elevating the Future of Software Development
Semantic-Aware Code Model: Elevating the Future of Software Development
Baishakhi Ray
 
Mastering Board Best Practices: Essential Skills for Effective Non-profit Lea...
Mastering Board Best Practices: Essential Skills for Effective Non-profit Lea...Mastering Board Best Practices: Essential Skills for Effective Non-profit Lea...
Mastering Board Best Practices: Essential Skills for Effective Non-profit Lea...
OnBoard
 
Vulnerability Management: A Comprehensive Overview
Vulnerability Management: A Comprehensive OverviewVulnerability Management: A Comprehensive Overview
Vulnerability Management: A Comprehensive Overview
Steven Carlson
 
MAKE MONEY ONLINE Unlock Your Income Potential Today.pptx
MAKE MONEY ONLINE Unlock Your Income Potential Today.pptxMAKE MONEY ONLINE Unlock Your Income Potential Today.pptx
MAKE MONEY ONLINE Unlock Your Income Potential Today.pptx
janagijoythi
 
kk vathada _digital transformation frameworks_2024.pdf
kk vathada _digital transformation frameworks_2024.pdfkk vathada _digital transformation frameworks_2024.pdf
kk vathada _digital transformation frameworks_2024.pdf
KIRAN KV
 
UX Webinar Series: Essentials for Adopting Passkeys as the Foundation of your...
UX Webinar Series: Essentials for Adopting Passkeys as the Foundation of your...UX Webinar Series: Essentials for Adopting Passkeys as the Foundation of your...
UX Webinar Series: Essentials for Adopting Passkeys as the Foundation of your...
FIDO Alliance
 
Acumatica vs. Sage Intacct _Construction_July (1).pptx
Acumatica vs. Sage Intacct _Construction_July (1).pptxAcumatica vs. Sage Intacct _Construction_July (1).pptx
Acumatica vs. Sage Intacct _Construction_July (1).pptx
BrainSell Technologies
 
Uncharted Together- Navigating AI's New Frontiers in Libraries
Uncharted Together- Navigating AI's New Frontiers in LibrariesUncharted Together- Navigating AI's New Frontiers in Libraries
Uncharted Together- Navigating AI's New Frontiers in Libraries
Brian Pichman
 
Premium Girls Call Mumbai 9920725232 Unlimited Short Providing Girls Service ...
Premium Girls Call Mumbai 9920725232 Unlimited Short Providing Girls Service ...Premium Girls Call Mumbai 9920725232 Unlimited Short Providing Girls Service ...
Premium Girls Call Mumbai 9920725232 Unlimited Short Providing Girls Service ...
shanihomely
 
Connector Corner: Leveraging Snowflake Integration for Smarter Decision Making
Connector Corner: Leveraging Snowflake Integration for Smarter Decision MakingConnector Corner: Leveraging Snowflake Integration for Smarter Decision Making
Connector Corner: Leveraging Snowflake Integration for Smarter Decision Making
DianaGray10
 
LeadMagnet IQ Review: Unlock the Secret to Effortless Traffic and Leads.pdf
LeadMagnet IQ Review:  Unlock the Secret to Effortless Traffic and Leads.pdfLeadMagnet IQ Review:  Unlock the Secret to Effortless Traffic and Leads.pdf
LeadMagnet IQ Review: Unlock the Secret to Effortless Traffic and Leads.pdf
SelfMade bd
 
COVID-19 and the Level of Cloud Computing Adoption: A Study of Sri Lankan Inf...
COVID-19 and the Level of Cloud Computing Adoption: A Study of Sri Lankan Inf...COVID-19 and the Level of Cloud Computing Adoption: A Study of Sri Lankan Inf...
COVID-19 and the Level of Cloud Computing Adoption: A Study of Sri Lankan Inf...
AimanAthambawa1
 

Recently uploaded (20)

leewayhertz.com-AI agents for healthcare Applications benefits and implementa...
leewayhertz.com-AI agents for healthcare Applications benefits and implementa...leewayhertz.com-AI agents for healthcare Applications benefits and implementa...
leewayhertz.com-AI agents for healthcare Applications benefits and implementa...
 
leewayhertz.com-Generative AI tech stack Frameworks infrastructure models and...
leewayhertz.com-Generative AI tech stack Frameworks infrastructure models and...leewayhertz.com-Generative AI tech stack Frameworks infrastructure models and...
leewayhertz.com-Generative AI tech stack Frameworks infrastructure models and...
 
Generative AI Reasoning Tech Talk - July 2024
Generative AI Reasoning Tech Talk - July 2024Generative AI Reasoning Tech Talk - July 2024
Generative AI Reasoning Tech Talk - July 2024
 
Mule Experience Hub and Release Channel with Java 17
Mule Experience Hub and Release Channel with Java 17Mule Experience Hub and Release Channel with Java 17
Mule Experience Hub and Release Channel with Java 17
 
Improving Learning Content Efficiency with Reusable Learning Content
Improving Learning Content Efficiency with Reusable Learning ContentImproving Learning Content Efficiency with Reusable Learning Content
Improving Learning Content Efficiency with Reusable Learning Content
 
Opencast Summit 2024 — Opencast @ University of Münster
Opencast Summit 2024 — Opencast @ University of MünsterOpencast Summit 2024 — Opencast @ University of Münster
Opencast Summit 2024 — Opencast @ University of Münster
 
Girls call Kolkata 👀 XXXXXXXXXXX 👀 Rs.9.5 K Cash Payment With Room Delivery
Girls call Kolkata 👀 XXXXXXXXXXX 👀 Rs.9.5 K Cash Payment With Room Delivery Girls call Kolkata 👀 XXXXXXXXXXX 👀 Rs.9.5 K Cash Payment With Room Delivery
Girls call Kolkata 👀 XXXXXXXXXXX 👀 Rs.9.5 K Cash Payment With Room Delivery
 
Russian Girls Call Navi Mumbai 🎈🔥9920725232 🔥💋🎈 Provide Best And Top Girl Ser...
Russian Girls Call Navi Mumbai 🎈🔥9920725232 🔥💋🎈 Provide Best And Top Girl Ser...Russian Girls Call Navi Mumbai 🎈🔥9920725232 🔥💋🎈 Provide Best And Top Girl Ser...
Russian Girls Call Navi Mumbai 🎈🔥9920725232 🔥💋🎈 Provide Best And Top Girl Ser...
 
Semantic-Aware Code Model: Elevating the Future of Software Development
Semantic-Aware Code Model: Elevating the Future of Software DevelopmentSemantic-Aware Code Model: Elevating the Future of Software Development
Semantic-Aware Code Model: Elevating the Future of Software Development
 
Mastering Board Best Practices: Essential Skills for Effective Non-profit Lea...
Mastering Board Best Practices: Essential Skills for Effective Non-profit Lea...Mastering Board Best Practices: Essential Skills for Effective Non-profit Lea...
Mastering Board Best Practices: Essential Skills for Effective Non-profit Lea...
 
Vulnerability Management: A Comprehensive Overview
Vulnerability Management: A Comprehensive OverviewVulnerability Management: A Comprehensive Overview
Vulnerability Management: A Comprehensive Overview
 
MAKE MONEY ONLINE Unlock Your Income Potential Today.pptx
MAKE MONEY ONLINE Unlock Your Income Potential Today.pptxMAKE MONEY ONLINE Unlock Your Income Potential Today.pptx
MAKE MONEY ONLINE Unlock Your Income Potential Today.pptx
 
kk vathada _digital transformation frameworks_2024.pdf
kk vathada _digital transformation frameworks_2024.pdfkk vathada _digital transformation frameworks_2024.pdf
kk vathada _digital transformation frameworks_2024.pdf
 
UX Webinar Series: Essentials for Adopting Passkeys as the Foundation of your...
UX Webinar Series: Essentials for Adopting Passkeys as the Foundation of your...UX Webinar Series: Essentials for Adopting Passkeys as the Foundation of your...
UX Webinar Series: Essentials for Adopting Passkeys as the Foundation of your...
 
Acumatica vs. Sage Intacct _Construction_July (1).pptx
Acumatica vs. Sage Intacct _Construction_July (1).pptxAcumatica vs. Sage Intacct _Construction_July (1).pptx
Acumatica vs. Sage Intacct _Construction_July (1).pptx
 
Uncharted Together- Navigating AI's New Frontiers in Libraries
Uncharted Together- Navigating AI's New Frontiers in LibrariesUncharted Together- Navigating AI's New Frontiers in Libraries
Uncharted Together- Navigating AI's New Frontiers in Libraries
 
Premium Girls Call Mumbai 9920725232 Unlimited Short Providing Girls Service ...
Premium Girls Call Mumbai 9920725232 Unlimited Short Providing Girls Service ...Premium Girls Call Mumbai 9920725232 Unlimited Short Providing Girls Service ...
Premium Girls Call Mumbai 9920725232 Unlimited Short Providing Girls Service ...
 
Connector Corner: Leveraging Snowflake Integration for Smarter Decision Making
Connector Corner: Leveraging Snowflake Integration for Smarter Decision MakingConnector Corner: Leveraging Snowflake Integration for Smarter Decision Making
Connector Corner: Leveraging Snowflake Integration for Smarter Decision Making
 
LeadMagnet IQ Review: Unlock the Secret to Effortless Traffic and Leads.pdf
LeadMagnet IQ Review:  Unlock the Secret to Effortless Traffic and Leads.pdfLeadMagnet IQ Review:  Unlock the Secret to Effortless Traffic and Leads.pdf
LeadMagnet IQ Review: Unlock the Secret to Effortless Traffic and Leads.pdf
 
COVID-19 and the Level of Cloud Computing Adoption: A Study of Sri Lankan Inf...
COVID-19 and the Level of Cloud Computing Adoption: A Study of Sri Lankan Inf...COVID-19 and the Level of Cloud Computing Adoption: A Study of Sri Lankan Inf...
COVID-19 and the Level of Cloud Computing Adoption: A Study of Sri Lankan Inf...
 

26 Nov 2013 - Law and Policy Meet the Cloud, by Bernie Trudel [IIC-TRPC Singapore Forum]

  • 1. 1 Law & Policy Meets Data in the Cloud: Data Sovereignty Across Asia Bernie Trudel Chairman, Asia Cloud Computing Association
  • 2. Data, Regulation, Jurisdiction and Cloud: A “New Geography” Lesson ...and in Singapore Cloud Data Storage In Japan… Multinational Doing Business… and the Multinational’s Headquarters in Australia …and the Cloud Company Headquarters in the U.S… in Singapore... in the Philippines... in Malaysia... in Thailand... in Indonesia... … with servers in the UK, Germany and the Netherlands in Korea... in Japan... 2
  • 3. ACCA Report: Key Findings There are no prohibitions on the use of cloud services in any country studied. Let me repeat… There are no prohibitions on the use of cloud services in any country studied.
  • 4. The Rush to regulate is leading to unclear & inconsistent laws, particularly as to Cross-Border data flow ACCA Report: Biggest Challenge “Many countries are... witnessing a lot of changes with many new regulations [on “cross border data transfer, taxation, data sovereignty… effective this year or in the next few years]…” (p.20) This is the “biggest hurdle.” (p. 80) “Since [FSI] legal requirements may differ significantly from one country to another, companies… find it difficult to organize cloud services for the whole enterprise [to comply in all] relevant jurisdictions.” (p.21) “As [Telecommunications] legal environments differ in different territories, there is a huge challenge of harmonising and satisfying requirements across these territories.” (p. 21). 4
  • 5. The report shows that Leading countries… • “…proactively support the adoption and growth of cloud computing.” (p.16) • Have “minimal restrictions on international data transfer” (p.15) • Have “comprehensive and mature data protection legislation in place” (p.14 & 15) and • Have “business friendly regulations and major initiatives on cloud computing” (p.14) Leading countries in Asia are ideally positioned to provide a model for a Data Sovereignty FRAMEWORK. 5 ACCA Report: Roadmap to a Framework
  • 6. A deeper look at why businesses care? More than ever, IT choices will be made by the business and legal teams Business benefits drive Risk v. Benefit analysis Compliance requirements Reputation HR IT department are now sharing due-diligence and risk assessment responsibilities with the business decision-makers and legal departments 6
  • 7.  Life in the multinational: Its all global now  This has been done for decades by industry on captive systems  As recognised by APEC, TPP and AEC: efficiencies & benefits of cloud computing are best achieved when data – information – flows freely across borders  The audit trail is key – and outsourcing guidelines address this. The Business Analysis: Cross - Border Data Flows: Nothing New? 7
  • 11. What are the main Data Sovereignty issues? 11  Domestic Regulatory Compliance: Confidentiality, availability, retention, audit  Jurisdiction claimed by other countries  Data leakage from the organization (risks to privacy)  Liability, remedies, warranties, insurance  Consistency of laws across jurisdictions as applied to data
  • 12. • 2013 Philippines: Recognizing cloud will help smaller banks, Bangko Sentral ng Pilipinas (BSP) new IT regulatory framework allows banks to use cloud computing; BSP recognizes some types of bank data appropriate for public cloud, some only for private cloud. • 2012 Singapore: Data stored offshore must be protected by law comparable to Singapore’s – but you can seek an exemption from the government. Banking regulations allow use of cloud computing. • India 2011“Privacy Rules revised in 2012 to exempt “data outsourcing.” • 2012 Philippines: Data Privacy Act applies to extraterritorial data storage if data is about a Philippine citizen/resident, but not to residents of foreign jurisdictions.” • 2012 Australia: Businesses must take reasonable steps to destroy or permanently de-identify personal information that is no longer needed. Cloud customer held “strictly liable” for violations by cloud provider. • EU and elsewhere looking to enact Data Purging laws, sometimes described as “right to be forgotten.” Anecdotally: Governments are revising rules but… Little Harmony in a Web of Laws 12
  • 13.  Distinguish truth from myths & misunderstandings  Understand the customer’s regulatory challenges  Understand the business and technology  Understand the need for regulatory consistency across the region ACCA can contribute to a better understanding, and ultimately, to better laws and regulations. Harmonization: Steps to Improve Asia’s Regulatory Environment 13
  • 14. Objective: Understanding, Explaining & Improving Asia’s Regulatory Landscape  Develop a factual understanding of the regulatory landscape for 14 counties  Recommendations to bring each country closer to the Ideal  Australia  China  Hong Kong  India  Indonesia  Japan  Malaysia  New Zealand  Philippines  Singapore  South Korea  Taiwan  Thailand  Vietnam 14
  • 15. Data Sovereignty Research 15 A major global research firm 14 Countries 700 man hours A major regional law firm In-country resources 68 Questions 300 page SUMMARY of responses 100 page report.
  • 16. Regulatory Stability and Enforcement: Legal environment is predictable, fair, and aligned with international regulations. International consistency: Regulations are clear, well understood, reasonable to comply with, and aligned to global norms. Data Safety: Data is safe from access and liability regulations. Cross Border Movement: Consumers can leverage cloud providers from other jurisdictions. The “Ideal State” for Cloud Computing 16 Cloud Access: Regulations support the use of cloud computing
  • 17. An Emerging Digital Divide of Leaders and Followers Asia’s 14 countries fall into two groups: “Leaders” and “Followers” Relative cross border movement score Relativelegalenvironment (Internationalconsistency&regulatorystability/enforcement) (Size of bubble indicates relative average of data safety and cloud access scores.) Australia China Hong Kong India Japan Malaysia New Zealand Philippines Singapore South Korea Taiwan Thailand Vietnam Indonesia
  • 18. 18 Factor Leaders Followers Data protection law Clear data protection law with reasonable requirements that correspond to globally accepted best-practices No formal data protection law Protected data elements Personal Identifiable Information (PII) is defined and subject to regulations consistent with international or regional guidelines (such as APEC and OECD) Inconsistent or not clearly defined Applicability of cloud computing regulations Clearly understood what laws affect cloud computing users and providers; in addition, laws are technology neutral and do not discriminate between technical options, except where justified Unclear what applies (i.e., telecommunications laws) or laws that restrict cloud usage Law transparency Laws are introduced in a transparent manner with public input Little consultation or advance notice provided Censorship No filtering or censoring requirements by Internet Service Provider or Cloud Service Providers Mandatory filtering and / or censoring requirements Transfer of data outside of jurisdiction Can be accomplished with reasonable controls Not clear or involves onerous requirements Effective agency (or regulator) Enforcement conducted in fair and impartial manner Ad-hoc enforcement; varying enforcement between different agencies of the same government; regulators have high degree of discretion over enforcement decisions and regulatory interpretation, with little accountability or public scrutiny Product preference No country specific technical requirements that would require changes to the standard product technical restrictions that may require country-specific changes to standard product Localization requirements No discrimination between local and foreign service provider Foreign Cloud service providers may be subject to additional requirements and / or restrictions than local providers Distinguishing Leaders from Followers
  • 20. 20 Potential for Leadership: The best ideas in Asia can become the FRAMEWORK for Data Sovereignty End the rush to regulate: thoughtfully rewrite laws that are unclear & inconsistent ACCA Recommendations
  • 21. Final Thoughts  Simplifying Data Sovereignty “Ideal” State Road map for regulators Toward a Framework Eliminating Confusion and mis-perceptions It’s a good news story that we’ll make great 21
  • 22. Asia Cloud Computing Association Mission: to accelerate cloud-computing adoption across the region of Asia Pacific by engaging stakeholders, providing tools to remove barriers and demonstrating the benefits of adoption. Vision: become the leading influencing industry voice on cloud-computing promotion and governance to business, government and citizens in Asia Cloud Readiness Index Public Policy Newsletter SME Cloud Index SME Resource Centre Cloud Assessment Tool Service Provider Index Advocacy Stakeholder engagement DRIVING ADOPTION 22 DATA SOVEREIGNTY Data Sovereignty Study and Scorecard
  • 23. 23