Unlike Microsoft’s recent ruling, Google has been ordered to move some of its email data from foreign data centers back to the US – a move which hosting providers claim cloud jeopardize customers and their privacy requirements.
We all have a strong interest in data sovereignty laws here in Canada and we continue to watch the results of government lawsuits against American-based cloud hosting providers who are hosting customer data internationally in places like England, Canada and others with great interest.
Recently on the news, a US judge decided that while Microsoft does not have to share email stored on its foreign servers with police and spies, Google does and will have to comply by sharing data from multiple data centers outside the US.
US Magistrate Judge Thomas Rueter ruled that transferring emails from a foreign server so FBI agents could review them locally as part of a domestic fraud probe did not qualify as a seizure.
The judge said this was because there was “no meaningful interference” with the account holder’s “possessory interest” in the data sought. “Though the retrieval of the electronic data by Google from its multiple data centres abroad has the potential for an invasion of privacy, the actual infringement of privacy occurs at the time of disclosure in the United States,” Rueter wrote.
Google said that the magistrate had departed from precedent, and it will appeal the decision.
The ruling came less than seven months after the 2nd US Circuit Court of Appeals in New York said Microsoft could not be forced to turn over emails stored on a server in Dublin, Ireland that U.S. investigators sought for another case.
For all those customers in Canada, and other countries like the UK, who are beginning to leverage services cloud services from American-based firms instead of local Canadian firms where data sovereignty is guaranteed, “The US government are making it very clear, if you host your data, use email services or have any technological dealings with global American firms, you need to be prepared for them to access your data at will. It’s as simple as that” – UK-based hosting company
So many of our Canadian Web Hosting clients are looking for cloud services today. We continue to caution Canadian Web Hosting customers and this can include steps like checking the applications they are using, what security features they have, where the data is stored and where that particular cloud provider’s headquarters are located. As an example, our dedicated cloud division AURO has flexible and helpful on-boarding methodologies to help companies look at their data and the requirements behind any type of move including looking at encryption standards and cloud or locally based security precautions.
The case will be closely watched by the EU and Canada, which maintains strict privacy rules around customer data. Unlike Canada, the EU is looking for possible reasons to drive American-based providers out of the marketplace and pushing companies towards local and compliant based cloud hosting services.