Apple’s iCloud: Another offshore regulatory headache?


blog There’s a lot to like in the announcements made by iconic technology giant Apple this morning in the US. iOS 5 will bring some long-awaited enhancements to the iPhone, iPad and iPod, OS X Lion is looking sweet, cheap and convenient (no more DVDs, no sir), and the ability to synch your iTunes library to the cloud is something people have been writing hacking guides for forever. Now you can do it officially.

However, we can’t help but wonder whether Apple has just created a fistful of headaches for large Australian organisations with its broader iCloud service, which allows users to synch office documents, calendar, mail and contacts online. After all, like other cloud giants Google, Microsoft, and Amazon, it’s not as if Apple will be serving that data from an Australian datacentre. This morning Apple supremo Steve Jobs said the company had built a new datacentre in North Carolina to help with iCloud, and website Data Center Knowledge lists the other known Apple datacentres; all also based in the US.

“Apple said its is “ready to ramp iCloud in its three datacentres.” Apple also has existing datacentres in Newark, Calif. and on its Cupertino headquarters campus. In April, Apple signed a seven-year lease for 2.28 megawatts of critical power load in a new datacentre being built in Santa Clara, Calif. by DuPont Fabros Technology (DFT), a leading developer of wholesale datacentre space. The Santa Clara facility would provide Apple with additional capacity on the West Coast.”

It’s clear that many Australians working in large organisations are already using iPhones and iPad in their professional lives. Many organisations — especially in government — have stringent requirements around the storage of company information such as email and documents on servers physically located in Australia, to prevent legal access by US Government authorities, for example.

Westpac’s top-level executives use their iPads in board meetings. Communications Minister Stephen Conroy uses an iPhone in his everyday life. What happens when this sort of high-level Australian starts automatically synching their sensitive data to Apple’s cloud, is anyone’s guess. Thoughts?

Image credit: Apple


  1. Hosting data overseas is a regulatory headache, but let’s face it, does the location of the server really matter in a world where hacking is most likely to be performed remotely? As long as the data is encrypted and validated with systems to ensure data integrity what difference does it make where the data is held?

    • I think for most people it doesn’t matter; but for some organisations, such as government departments and financial institutions, it’s almost law that they can’t host things offshore.

    • Cloud by it’s very nature creates complicated cross-border regulatory issues.

      For example, if you have a server in the cloud hosted by a global cloud provider, there is no specific “location” for your data. Indeed, your “server” may move around the world – (using cloud motion technology like VMWare’s VMotion) – following the cheapest source of power across the “day”.

      One type of data might have regulatory issues when stored in one country, but is it in that country now – or is it somewhere else completely five minutes later? Because regulatory requirements are quite likely different in every single country, the legal jurisdiction under which the data is held might be completely geographically different to the people using the data, and it may jump around jurisdictions across the day – either by design, or for fault tolerance.

      Not sure how much jumping around iCloud will do – but cloud presents a lot of issues over and above the technology itself.

  2. I agree with both of your comments. However what I am saying is that the underlying policy objectives of governments might need a rethink. In reality, let’s face it, the data will jump around through a range of jurisdictions. Just by uploading the data to the cloud, it might go through a number of hops until it reaches the server – and both the server and the user might be located anywhere in the World.

    Renai, you say that “it’s almost law that they can’t host things offshore”. You are right. But I think it shouldn’t be that way. Why should it matter to a government where the data is stored or which jurisdictions the data goes through on its way to its destination? It seems to me much more important to ensure the security of the data – as long as the data is sufficiently encrypted it appears irrelevant where it is stored.

  3. Hope it doesn’t cause enough headache for users when bad things happen in the cloud. AFAIK it’s not that reliable if something terrible happens, your data might lose so better keep an offline copy in your hard drives

  4. It’s not so much about location of hackers and physical/virtual security but having your data located in countries where it is subject to the laws in those countries and whims of the local government, who we may or may not be at war(officially or otherwise) with now or in the future. What I dislike is the increased push of these apple products into the business market without any real support from apple to meet the needs of the business market.

    • That’s exactly the Apple strategy, and the inverse of Microsoft. They focus on the consumer who then creates the business demand.

      The business tools such as deployment tend to come 2nd such as the iOS deployment tools that will ship with Lion.

      Unfortunately with a market the size of New York State we will have to wait for locally hosted clouds, but it does create a niche for local companies to serve that market here, Apple just legitimizes it.

Comments are closed.