Cloud Security

Tech heavyweights release Trusted Cloud Principles for protecting security, privacy of cloud data

October 1, 2021
The Google corporate logo and Google Cloud logo stand outside the Google Germany offices on Aug. 31, 2021, in Berlin. Major cloud providers, including Google Cloud, released security and privacy principles to protect cloud data. (Photo by Sean Gallup/Getty Images)
  • Engage customers first. Governments should seek data directly from enterprise customers as opposed to cloud service providers other than in exceptional circumstances. 
  • Right to notice. When governments seek to access customer data directly from a cloud service provider, customers of the provider should have a right to advance notice of government access to their data, which only can be delayed in exceptional circumstances.
  • Cloud providers should have a way to protect their customers. The industry should develop a clear process for cloud service providers to challenge government access requests for customer data, including notifying relevant data protection authorities.
  • Governments should address potential legal conflicts. Governments should create ways to raise and resolve conflicts with each other so that a cloud service provider’s legal compliance in one country does not amount to a violation of law in another.
  • Support for cross-border data flows. Governments should support the cross-border flow of data as an engine of innovation, efficiency, and security, and avoid data residency requirements.
prestitial ad