US tech giants Amazon, Google, Microsoft IBM, Salesforce/Slack, SAP, Cisco and Atlassian (Australia) agreed on the Trusted Cloud Principles, a broad set of principles that basically say that these companies are committed to protecting the privacy and security of their customers’ data in all jurisdictions through policy and technology.
The Trusted Cloud Principles were developed to address the industry’s concern that certain regulations and proposals will make it hard to do business and also may force companies to hand over customer data without being able to notify customers.
“As companies that provide services around the world, we recognize the right to privacy under international human rights law”, the signatories said in a statement. “We are committed to protecting the privacy and security of our customers’ data in all jurisdictions through policy and technology. All governments must recognize certain baseline protections as they enact laws for the cloud era.”
“Through this initiative, we commit to working with governments to ensure the free flow of data, to promote public safety, and to protect privacy and data security in the cloud”, the companies explained.
In their statement, the tech giants “commit to working with the tech sector, public interest groups, and policymakers around the world”. They are guided by five principles:
–Governments Should Engage Customers First, with Only Narrow Exceptions.
–Customers Should Have a Right to Notice.
–Cloud Providers Should Have a Right to Protect Customers’ Interests.
–Governments Should Address Conflicts of Law.
–Governments Should Support Cross-Border Data Flows.
The Trusted Cloud Principles come days after a separate data cloud framework was stood up between Amazon Web Services, Google, IBM, Microsoft and other major tech giants, plus the EDM Council, a cross-industry trade association for data management and analytics. Under the Cloud Data Management Capabilities (CDMC) framework there are six components, 14 capabilities, and 37 sub-capabilities that sets out cloud data management capabilities, standards, and best practices for cloud, multi-cloud, and hybrid-cloud implementations while also incorporating automated key controls for protecting sensitive data.
Among the six components are data governance and accountability, cataloguing and classification, data accessibility and usage, data protection and privacy, data lifecycle, and technical architecture.
More information about the Trusted Cloud Principles HERE