How Will Data Sovereignty Affect the Future of Your Company’s Data?
Earlier this month, the United States joined 11 other Pacific nations in announcing the completion of negotiations over the Trans-Pacific Partnership (TPP), a trade agreement seeking to boost trade and investment throughout the Asia-Pacific region while addressing a host of thorny issues, including tariffs, copyright protections and labor standards.
While the TPP must still be debated and approved by each of the participating nations, the summary of the agreement contains an interesting provision — that signatories will not be allowed to mandate data sovereignty provisions as a requirement to operate in those markets. Data sovereignty can be briefly defined as the idea that data must follow the laws of the country or jurisdiction it is stored in. In the case of the TPP, this provision means that companies will not have to build data centers in every country they operate in as a precondition to do business in that country.
This provision, according to the U.S. summary of the TPP, is meant to ensure the free flow of global information across the Internet. But not every country agrees with this approach — and as companies look to do business in the global economy, the challenges of data sovereignty are only becoming more and more acute. And unfortunately, this is not a problem that is going away any time soon.
As cloud adoption continues to accelerate and more companies expand their offerings to a global audience, it will continue to drive questions that will affect businesses of all sizes — even if they don’t yet do business globally. Where should your data be stored? How can you ensure compliance in every market you do business in? And can you be sure that you’re protecting your customers’ private information — or are you opening yourself up to future liability?
No safe harbor
Part of the reason why companies have so much difficulty in navigating the data sovereignty landscape is that the rules keep shifting. The TPP is just the latest in a series of moves in this area, as countries like Russia and Brazil have recently enacted rules requiring Internet companies to store personal data within the country. And in early October, the European Union’s highest court struck down the 15-year-old Safe Harbor agreement, which had set a framework for how companies shared data across national borders. Claiming it violated privacy rights, this has left thousands of businesses scrambling, as simply sending data from Europe to the U.S. could now engender fines or worse.
There have been a variety of attempts made to resolve these outstanding issues surrounding data sovereignty, including a drive for “national clouds,” where data centers are operated and stored entirely within one country, and are thus liable to only that country’s laws. Many American companies, seeking to comply with local regulations and soothe overseas concerns around possible U.S. government interference, are now opening data centers within the EU for just this reason, but even these efforts have resulted in controversy.
What you can do
So how can companies navigate this ever-changing landscape? There’s no easy answer, but what’s clear is that you don’t want to go at it alone.
Chances are that you’ve already engaged vendors for cloud and other areas that might be affected by data sovereignty limits. It’s worth re-examining these agreements and making sure that you’ve covered all your bases and are protected — even in light of the recent news surrounding Safe Harbor. But as Scott Semel of Intralinks says, this is not just an IT and/or Legal issue:
“The executive team needs to take ownership and use a top-down approach to help prepare the company for the future… Companies […] are more responsible than ever for their data sovereignty, and there is no one to point the finger at but themselves if they face consequences from ignoring or abusing data processes.”
The foundation of that preparation is an understanding of where your information is, where it’s going, and how it’s being used, shared and disseminated throughout your organization.
Now more than ever, as information becomes ever more mobile, your security and governance policies must adapt and keep up with the changing landscape. And there’s never been a better time to bring in a partner with the strength and experience to help you navigate this new world of work.
And that’s where we can help. Learn more at www.stratixsystems.com or call us toll-free 1-800-444-2943
About Stratix Systems
With offices in Reading, Lehigh Valley, Philadelphia and Central and Northern New Jersey, Stratix Systems is one of the region’s leading technology solutions partners —with the people, resources and experience to deliver the IT, content/document management and imaging support you need: where, when and how you need it. In fact, very few providers in the region can match the vast array of total business solutions and responsive service available from Stratix Systems. It’s no wonder why we are the partner-of-choice for over 4,500 organizations throughout Eastern Pennsylvania and New Jersey.
Have a question? Get an answer. Our experienced systems experts would be happy to answer your questions, help you explore your options and develop a customized plan for you. Learn more at www.stratixsystems.com or call us toll-free 1-800-444-2943.
This post originally appeared on WorkIntelligent.ly, authored by Ricoh USA.