The Trusted Cloud Principles, an initiative aimed at bringing standardisation and consistency across platforms, were formally introduced last week by major cloud service providers.
Signatories to the Trusted Cloud Principles pledge to uphold consistent human rights standards across their services while also safeguarding cloud service providers’ interests.
Amazon, Atlassian, Cisco, Google, Microsoft, and IBM are among the companies who have pledged their support to the effort.
“The signatories to the Trusted Cloud Principles are dedicated to safeguarding our customers’ rights. The signatories state, “We have agreed to strong principles that ensure we compete while maintaining consistent human rights standards.”
According to the newly established principles, cloud service providers are committed to ensuring the privacy and security of their customers’ data across borders, as well as collaborating with governments around the world to ensure the free flow of data and establish legal frameworks for data privacy, security, and integrity.
“Governments have a genuine and significant interest in ensuring their citizens’ safety and security. However, in other cases, they seek data access under laws that do not effectively protect human rights and the rule of law, and that contradict with the laws of other countries,” the cloud businesses point out.
The organisations involved say they understand governments’ interest in ensuring the “safety, security, privacy, and economic vitality of individuals and organisations” who use cloud services, but they also recognise that people have a right to privacy and that customers should have confidence in the security of their data.
The signatories also pledge to support legislation that allows governments to request data in a transparent manner, as well as improved regulation to “protect cloud customers’ safety, privacy, and security, as well as their data ownership.”
They also emphasise the necessity of regularly issuing transparency reports on government data requests, as well as their support for legal frameworks that would aid in the resolution of data access, privacy, and sovereignty conflicts.
Customers have the right to be notified of government access to their data, and cloud providers should have the right to protect their customers’ interests, according to the Trusted Cloud Principles, which also require governments to engage with customers first, then cloud service providers, and to address legal conflicts while supporting cross-border data flows.