Legislation review needed to protect cloud data says Microsoft

Strong data protection laws could help Middle East countries to become trusted cloud hosting locations

Tags: Cloud computingMicrosoft Corporation
  • E-Mail
Legislation review needed to protect cloud data says Microsoft Cloud-focused legislation is likely to be developed by many governments in future, says Smith. (ITP Images)
By  Mark Sutton Published  May 28, 2015

Microsoft's general counsel has said there is a global need for governments to review legislation relating to cloud services and data hosting to increase confidence in the security of such services.

Speaking exclusively to .GOV magazine, Brad Smith EVP and General Counsel, Legal and Corporate Affairs, Microsoft, said that there is a need for more robust laws to protect data hosted in the public cloud, to drive cloud adoption.

"This is a topic of interest, at this point, to virtually every government in the world. The number of countries that have broad laws in this space is relatively small, just as we saw in the 1990's many countries around the world strengthened their copyright laws, because they knew that would bring more software investment and software technology, I think over the next decade we are going to see many countries adopt cloud-focused laws that will go far to strengthen security and privacy in the cloud. That will be a good thing for the public sector and the private sector," Smith said.

"There are a number of countries that have strong laws that should give people confidence, but at the same time, virtually every country needs to update its law. The technology has changed rapidly, people's understanding of the technology issues has changed as a result. I don't think there is a single country in world that has on its books today the law it will want to have on its books in 2020."

Microsoft is currently working with governments to help develop new legal frameworks for the cloud, Smith said. At the same time, it has also put in place a number of measures including technical protections, contractual measures and standards certifications to increase confidence in its own cloud services.

The company has also given careful consideration to where it places the data centres that will host its cloud services. At present, Middle East cloud customers are normally served by Microsoft's data centre in Dublin Ireland, because of that countries strong data protection laws.

"Ireland has become to data what Switzerland has long been to money. Ireland has a good law, a strong data protection authority and I think customers in this part of the world can have confidence in that as an approach," Smith said. "We have chosen Ireland for this part of the world because we believe that it is a country that many other countries can look to and have confidence in."

Smith said that local demand for data centres will drive up their deployment in the Middle East, and that there is an opportunity for governments in the region to create legal frameworks to promote themselves as a preferred, trusted country for data centre hosting, although at present he did not see any ‘first movers' in the region.

"I think there is an opportunity in the Middle East for governments to enact new legislation, that is something that we think would speed the adoption of the cloud, it would bring the benefits of the cloud to more people more quickly, and I think it is the sort of step we can be constructive in helping people take," he added.

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code