Governments must realize limits of control on cloud data, encryption

U.S. and U.K governments need to realize the negative impact of their actions regarding cloud data sovereignty and encryption, says Singapore-based tech lawyer who also points to the rise of Asian tech companies and innovation in 2015.
Written by Eileen Yu, Contributor on

Governments need to realize there are limits to how much they should exert control on issues that have global impact, such as cloud data and encryption.

The U.K. government, for instance, proposed a ban on data encryption that prevented digital communication from being monitored and read by law enforcement and intelligence agencies. Prime Minister David Cameron said he would propose new legislation, if he won the next general election, in a a move deemed to potentially impact messaging platforms that encrypt their data, including apps such as WhatsApp and Snapchat, as well as Apple's iMessage and FaceTime.

There are, however, already legislations that allow the government to monitor electronic communications for national security, said Rob Bratby, managing partner of Olswang Asia, where the Singapore-based lawyer advises on issues related telecom, media, and technology in the region.

He noted that the U.K.'s Regulation of Investigatory Powers Act 2000 was designed to enable the government to conduct surveillance, including accessing an individual's electronic communications, if they followed the correct processes and procedures. It sets the boundaries within which the government can listen to conversations and requires proper approval before it is allowed to do so.

Voicing his disagreement for the proposed encryption ban, which he described as impractical and "not good from a policy perspective", Bratby told ZDNet in an interview: "If the objective is [to enable] law enforcement to listen to [communications between] the bad guys, blanketing this with a ban is not the best way to achieve the objective."

"Saying you want to ban encryption [to do that] is wrong... It's a knee-jerk reaction to what happened in Paris," he said, referring to last month's terrorist attack on satirical weekly magazine, Charlie Hebdo, during which 12 people were killed.

Forcing tech companies to hand over data stored in foreign jurisdictions also shouldn't be any government's prerogative.

In a much-watched legal case that is still playing out in the U.S., Microsoft was found in contempt of court last September after it refused to hand over foreign data--held in its Dublin, Ireland, data center--to the U.S. government. It was defying orders do so by magistrate judge James Francis.

The New York-based judge had ruled that local search warrants must include customer data stored in servers located outside the U.S., referring to one issued to Microsoft for a customer's e-mail data stored in its Dublin data center, which houses European citizen data.

Microsoft's appeal against the ruling is still pending.

Reiterating his point about observing the necessary procedures, Bratby noted that the U.S. government could still access the data if it followed the proper legal processes, including those outlined by foreign jurisdictions.

"In this case, the U.S. government is saying they don't care. The U.S. needs to be aware that they can't do that on a global basis and that they aren't the center of the global economy," he said, adding that it will negatively impact the U.S. IT industry.

The good news is, elsewhere, the could industry is maturing and market players recognize the need to be transparent and for their data centers to be resilient and secure, Bratby noted. The Trans Pacific Partnership (TPP), for instance, includes a financial services chapter that looks at cross-border data flow to enable financial institutions to move data overseas, he said.

In most countries, financial services providers typically are required to store their customer data in the local jurisdiction, preventing them from using cloud services or data centers that host data in different countries.

Emerging Asian ecosystem, innovation

Noting the importance of the TPP from a legal perspective, Bratby explained that trade deals between nations often are centered around efforts to standardize local laws, including intellectual property. Championed as a free-trade agreement for the Asia-Pacific region, the TPP currently encompasses 12 participating countries including Singapore, Australia, Brunei, Japan, Malaysia, and Vietnam. It has yet to include China or India.

Its success will be especially critical as Asia's role in the global tech space continues to expand.

Noting the meteoric rise of companies such as Alibaba, Xiaomi, and Tencent, Bratby said: "For the first time, we're starting to see companies with the scale to match that of the United States [and] the world is no longer centered around the U.S. in terms of technology."

For instance, he said the industry is starting to see innovation in mobile originating from developing markets, due in part to the amount of investment that has been poured into these markets. Already, market players such as Xiaomi have been launching thinner and cheaper products, he added.

He also expects closed interest groups to grow in popularity, such as SpiceWorks, as well as social networks that provide targeted information for verticals. Wearables will also see wider adoption this year, where the use case is currently centered around health and fitness, he added.

He noted that this interest in healthcare could throw up legal discussions around personal data and privacy, particularly in EU countries where such data is classified sensitive and requires a higher degree of care. Consent for use, for instance, has to be more explicit.


Delta Air Lines just made an embarrassing announcement (you may be livid)

Delta Air Lines just made an embarrassing announcement (you may be livid)

US weather, climate forecasting is about to get way better

US weather, climate forecasting is about to get way better

Cybersecurity leaders are anticipating mass resignations within the year - here's why

Cybersecurity leaders are anticipating mass resignations within the year - here's why