Is Google the new Rome?

Cloud computing may be leading to a federation-like worldview on data management, but national laws will be a major obstacle

In some ways, Google is a digital Rome. Instead of extending roads to connect its empire, it builds data centers worldwide and challenges local rule not with swords, but with tools and information.

It is a company that probes the perimeters of censorship in China and tests the limits of privacy laws in Europe, sometimes with consequence, as it expands its cloud computing empire.

On Monday, Google received a letter from 10 nations, including Canada, France and Britain, telling the company that the "privacy rights of the world's citizens are being forgotten as Google rolls out new technological applications."

However, Google answered its challenges on Tuesday by telling of the universal right of "free expression" and announcing a new tool detailing the requests and orders it receives nation by nation for data and content removal.

Google's Rome-like worldview extends to how it will treat the location of customer data. Google is not offering U.S. businesses any specific assurance that their data will be stored in a U.S.-based data center.

It is making an exception for government customers, such as the city of Los Angeles, which, as part of its contract to move its 30,000 users over to Google Apps, will have its data housed in Google's U.S.-based data centers.

From Google's perspective, "specifying data location made more sense when all data was within the organization's firewall," Eran Feigenbaum, director of security for Google Apps, said via e-mail.

"In the world today where we have partners, vendors, multiple offices, employees working remotely, the Internet, e-mail etc. 'Where is my data located?' should probably not be first question we ask," Feigenbaum said.

"When I send an e-mail to my vendor or client, the way all e-mail works, it can travel half way around the world before it gets to them -- even if they work down the street," he said. "So the primary questions companies should ask are 'how is the data protected?' 'Who has access to it?', and 'How do I evaluate what my IT vendor is telling me about their practices?' "

Microsoft is telling its U.S. customers that their personal data will remain in the U.S. "Our goal is to be as transparent as possible about our commitment to the security of our customers' data, and we understand that today, maintaining data in the U.S. is an important requirement for many of our U.S. customers," said Susie Adams, Microsoft's federal CTO.

Legal experts say that all of the questions raised by Feigenbaum are part of the due diligence process in working with a cloud provider, but location should be among them as well.

"As a cloud computing client, you lose an enormous amount of control, legally and jurisdictionally, if the data gets outside of the United States," said Christopher Cain, an attorney in Foley & Lardner LLP's IT and outsourcing practice.

1 2 Page 1
Page 1 of 2
7 inconvenient truths about the hybrid work trend
Shop Tech Products at Amazon