Safe Harbor, or any old port in a storm?
The recent ruling from the European Court of Justice (ECJ) on the invalidity of the Safe Harbor agreement will cause many multinationals to pause and think. More and more businesses are taking into serious consideration where their sensitive client data resides and is processed, especially when those locations are within the grasp of the US government, under the Patriot Act.
Data sovereignty and client data kept in ‘safe’ locations are common concerns we address with our customers at Dimension Data, especially given various countries’ data regulations. It’s one of the strengths of our Managed Cloud Platforms – a client knows where their workloads and data are so they can control which jurisdictions have a legitimate claim to their data.
Last month, there was quite a lot of noise over the US courts ordering Microsoft to allow them access to data stored in overseas (in this case Irish) data centres. There is currently a proposal in the US for a Law Enforcement Access to Data Stored Abroad Act to limit the scope to US citizens of interest outside the United States. It does raise the question of whether actions such as this by the US further validate the ECJ’s ruling and consideration of whether “Safe Harbor” is nearer any port in a storm.