Amazon, Microsoft, Google back creation of Trusted Cloud Principles

The initiative calls on governments to recognise baseline security and privacy protections for customers

Abstract image representing cloud cyber security showing a cloud with a keyhole in the middle in front of a yellow and blue circuit board background

Amazon, Microsoft, Google are among the nine tech giants supporting the right for cloud providers to protect customers’ interests.

The list of signatories of the newly-established Trusted Cloud Principles also includes Atlassian, Cisco, Salesforce, Slack, and SAP.

As part of the initiative, the tech companies have committed to protecting the privacy and security of their customers’ data by calling on governments to “recognise certain baseline protections as they enact laws for the cloud era”.

This includes supporting cross-border data flows and addressing conflicts of law between countries, which often results in the cloud service providers’ compliance requirements differing from one country to another.

The Trusted Cloud Principles also address governmental requests for customer data, with signatories calling on states to seek data directly from enterprise customers rather than cloud service providers. This doesn’t apply to “exceptional circumstances”, which were not specified by the document, yet are likely to include serious criminal charges.

Customers of cloud service providers should also have the right to be notified in advance of governments’ plans to access their data, while the providers should be able to challenge such data requests as well as notify “relevant data protection authorities”.

The signatories stated that, although “governments have a legitimate and important interest in protecting the safety and security of their people”, there have been cases where “they seek to gain access to data under laws that do not adequately protect human rights and the rule of law, and conflict with laws of other countries”.

“As cloud service providers, we are committed to protecting the privacy and security of our customers’ data in all jurisdictions through policy and technology,” they added.

Related Resource

How to secure workloads in hybrid clouds

Cloud workload protection

Whitepaper front coverFree download

In order to achieve their objectives, the signatories “commit to working with the tech sector, public interest groups, and policymakers around the world, particularly in the countries where we operate or plan to operate data centers and cloud infrastructure, to ensure that laws and policies are substantially in line with the (...) principles”.

The announcement of the Trusted Cloud Principles comes weeks after one of the world’s largest secure email services, Protonmail, was criticised for providing authorities with the IP address of a French climate activist. Being based in Switzerland, the email services provider prides itself on benefiting from the country’s strict privacy laws, yet was “obligated" to comply with the “legally binding order from Swiss authorities”, according to founder and CEO Andy Yen.

Many disagreed about the severity of the crime, with Amnesty International technologist Etienne Maynier stating on Twitter that he has “a hard time seeing how young people squatting buildings in Paris is an extreme criminal case”.

Featured Resources

The ultimate law enforcement agency guide to going mobile

Best practices for implementing a mobile device program

Free download

The business value of Red Hat OpenShift

Platform cost savings, ROI, and the challenges and opportunities of Red Hat OpenShift

Free download

Managing security and risk across the IT supply chain: A practical approach

Best practices for IT supply chain security

Free download

Digital remote monitoring and dispatch services’ impact on edge computing and data centres

Seven trends redefining remote monitoring and field service dispatch service requirements

Free download

Recommended

Oak9’s IaC security platform now available on AWS
Security

Oak9’s IaC security platform now available on AWS

22 Oct 2021
AWS makes its Panorama Appliance generally available
Amazon Web Services (AWS)

AWS makes its Panorama Appliance generally available

21 Oct 2021
Alkira deepens partnership with AWS
Amazon Web Services (AWS)

Alkira deepens partnership with AWS

20 Oct 2021
Iranian hacking group continues to target US citizens
hacking

Iranian hacking group continues to target US citizens

18 Oct 2021

Most Popular

Best Linux distros 2021
operating systems

Best Linux distros 2021

11 Oct 2021
Apple MacBook Pro 15in vs Dell XPS 15: Clash of the titans
Laptops

Apple MacBook Pro 15in vs Dell XPS 15: Clash of the titans

11 Oct 2021
Windows 11 has problems with Oracle VirtualBox
Microsoft Windows

Windows 11 has problems with Oracle VirtualBox

5 Oct 2021