Interesting story today in the AFR today (paywall I’m afraid) by Rachael Bolton regarding the legal complications and dangers inherent in the ‘cloud’, and the alleged complacency with which Australian firms have embraced cloud computing:

Mark Vincent of information technology law firm Truman Hoyle says many companies in Australia were not taking the security threat of offshore hosting seriously enough. According to Mr Vincent, “the biggest Australian organisations – the banks, the telcos, the governments – have the money and resources to think through all the aspects of what’s being served up to them and, quite rightly, will insist their data resides in Australia.” However, as Mr Vincent continues, smaller companies are not in the same position of power and “will often be presented with a take-it-or-leave-it-product.” Mr Vincent also warns that any company registered in the US is subject to the Patriot Act, even Australian incorporated subsidiaries of US companies such as Microsoft and Google. [Italics Added]

Cloud-based services have been openly advocated by the Commonwealth Bank of Australia’s group executive of operations and technology, Michael Harte; while Westpac Banking Corp chief information officer Bob McKinnon has said that its cloud computing strategy would demand that all data be housed on Australian soil.

Not surprising that Jeff Bullwinkel from Microsoft said the claims of complacency were overstated, and exposure to the Patriot Act exaggerated. Quite a few relatively complex legal issues in the cloud.