Apple's iCloud to cause legal stress?

Summary:Apple's new iCloud service is sure to have Australian legal eagles and IT managers on edge over regulatory compliance when it comes to data storage.

commentary Apple's new iCloud service is sure to have Australian legal eagles and IT managers on edge over regulatory compliance when it comes to data storage.

iCloud logo

(Apple iCloud? Rimandato a settembre image by, CC2.0)

Steve Jobs told the world in his Worldwide Developer Conference (WWDC) keynote that all new devices running iOS 5 would have iCloud support turned on by default, and it's not just for music. iCloud backs up data from your Mail, Calendar, Photos and documents, pushing that data to your other devices.

While some sharing options require a few extra steps to turn on, many users are sure to activate them just to have a look, meaning that precious contact, document and conversation data will drift offshore to Apple's fancy new datacentre in the US, potentially in breach of Australian data regulations.

The Australian Prudential Regulation Authority (APRA), in charge of regulating the financial sector, has advised institutions to exercise extreme caution when using cloud computing services.

The APRA last year outlined (PDF) three acts in particular that need to be considered by financial institutions when outsourcing to the cloud, including the Superannuation Industry (Supervision) Act 1993, Prudential Practice Guide PPG233 and PPG234, which relate to security, business continuity and outsourcing.

It would seem that the use of iCloud by employees in the financial sector could, for example, mean that using a BYO iDevice on a corporate network could see data sent offshore, landing the user and possibly the company in hot water.

Sending data offshore to be hosted in the US also opens users up to the legal framework in which the data is stored. Data stored in the US faces scrutiny under the controversial Patriot Act and the Foreign Intelligence and Surveillance Act.

So what can be done to make sure users are in compliance? They need to be reminded that if they sign up to the iCloud service, they are sending data offshore to be stored in Apple's cloud. And if they want to employ it for personal, but not corporate use, then they might need to consider how connected their professional and personal phone use has become.

Topics: Apple, Cloud, Government, Government : AU, Security


A fresh recruit onto the tech journalism battlefield, Luke Hopewell is eager to see some action. After a tour of duty in the belly of the Telstra beast, he is keen to report big stories on the enterprise beat. Drawing on past experience in radio, print and magazine, he plans to ask all the tough questions you want answered.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.