Who’s Responsible for Data in the Cloud.

While trawling through the internet i came accross an a couple of articles that made me think, about

The first one was on the bbc technology site and it talked about cloud computing and the US Patriot Act, this is similar to the UK’s anti terrorism legislation and as far as i can see it gives the US government the right to look at data stored in the states if they think that it might include information about terrorists.

You might me thinking, well what does that have to do with me i’m not an american, so what if the americans can look at data within their own country. But what you have to remember is that many many services like amazons S3 data storage, hotmail, skydrive and gmail are all hosted in the states, so any data stored on these is covered by the Patriot Act.

What’s i bet that if they really wanted to they could make these laws extend to any data travelling through there network, so if you send an email, a twitter message, a file or any other string on ones and zeros and its routed through the us or any ther country they would be at liberty to read that information, and use it to whatever purpose they saw fit.

This got me to thinking as a system administrator, if i’m storing data in the states and viewing it on terminals in the Uk, do i need to adhere to both the Uk’s data protection Act and any american version of the same act, or does the data protection act only apply to data held on citizen of a particular country, if so do what laws do i have to adhere to if i have a mailing list which contains data from people in several different countries.

The second artical i came accross was something on tech crunch about a German Politician, that had a legal ruling made to prohibit the local german version of wikipedia from accessing information on the main wikipedia database in miami.

The focus of my thoughts here really is were does responsability lie if an english company say has a website hosted in the US, but bought and paid for in the UK, and you want to take them to stop them from false advertising, do you persue the Uk company, or the US isp hosting their data? And what if for example the banner ads you object to on the site as simply embedded links to data on a video server in say germany. In fact the whole area of links seems quite complicated, if you for example display an rss on your site from elsewhere on the internet and they say something that is could be slanderous are you also guilty of slander and howdoes this work across borders, i mean something may be deemed slanderous in one country but not another. There was talk yesterday that the german politicians background in the german police was protected under german law, but does that extend outside of germany.

what are you thaughts on this?

Advertisements
Who’s Responsible for Data in the Cloud.