ITBusiness.ca

There may be no data sovereignty in the cloud: McAfee chief privacy officer

One of the most talked about issues today is that of data privacy.  And, in the digital world, the privacy of one’s data matters and needs to be vigilantly protected.  Whether you are protecting your employees, yourself or your children, data privacy should be front and centre in the discussion – particularly in the domain of cloud computing.

To gain further insight, I spoke with Michelle Dennedy, chief privacy officer of McAfee and author of The Privacy Engineer’s Manifesto, about her views on data privacy.

Clendenin: What do CEOs and organizational leaders need to know first and foremost about data privacy?

Dennedy: “On Data Privacy, they (CEOs) are not counting enough of their assets.  I think we need more metric models, more asset driven models.  It’s great that there are a couple of companies hither and yon discussing privacy at all in the boardroom, but typically it is coming out of their audit committees or it’s coming as a reaction to fines that have been levied.  It’s not necessarily coming up from an asset value perspective so I think they are missing the boat as this is the information economy.”

Clendenin: What are your thoughts regarding the relationship between cloud computing and data privacy?

Dennedy: “The thing about cloud that I have been saying forever is there is a component of cloud that looks a lot like out sourcing.  You’re giving up some control.  You’re giving up some instance of being able to stand on top of the asset and have people you can have be accountable for it.  The good news is you are also asking someone who is dedicated to winning to do what they do best.   If you are a retailer, having someone doing good swipe card cloud data processing is probably a really good thing especially if you have someone hacking your devices between Thanksgiving and Christmas time.”

Clendenin: In Canada, and in many other countries, another aspect to the cloud computing conversation is that of data sovereignty.  Will data sovereignty concerns accelerate cloud providers to build in-country data centers if they want to compete on a global scale?

Dennedy: “I think the mentality that dirt can actually be a boundary for data is a mistake.  I’m hoping that is not the only way we go because I think that then we have a false sense of security because we see a building in-country.  This is where you collide with the Internet of Things as data will start to be much more fluid.  I haven’t yet seen a really clean implementation where you don’t have devices going out or other data sources dipping outside of borders.”

Clendenin: Is there value for cloud providers of intimately knowing in-country specific laws and culture?

Dennedy: “If what we are really talking about is having local people understanding the local community, understanding the local language, I think that is massively important.  This is a better argument for design than your neighbors are distrustful.”

Clendenin: What is your prediction for the future of cloud, privacy and data sovereignty?

Dennedy: “I have a feeling that there’s going to be some satellite that will start to be ‘the cloud provider of all’ because it won’t be in any country.  That’s my prediction for the next five years.”

Michelle Dennedy will be speaking on the data privacy panel at The Cloud Factory conference April 7 and 8 in Banff, Alberta.  Dennedy will be joined on the panel alongside Jim Love, CIO of IT World Canada and Martin Kratz, Head of Intellectual Property at Bennett Jones.

Exit mobile version