3 things to know about cloud computing

Global Publication Feb 9, 2016

  1. What is a cloud?
    A cloud provides on-demand access to a shared pool of computing resources which can be used for a variety of computing functions (for example, storage or running applications) without having to purchase or maintain physical servers. Cloud computing is scalable so you can use as much or as little as you need.
    • Public clouds, such as Microsoft Azure and Google AppEngine, are available online to the public on a free or pay-per-use basis.
    • Private clouds are accessible only within a particular organisation and can be hosted internally or by service providers.
    • Hybrid clouds are an increasingly popular option and include a mix of public and private cloud resources. For example, sensitive data may be retained on a small on-premise private cloud, while anonymised big data analytics could run using the processing capacity of a public cloud.
  2. Where is the data stored?
    Data stored in the cloud is transferred to and stored in the country where the server is located. Understanding where the information is transferred to is important because privacy laws in certain jurisdictions only permit cross-border transfers of personal information in limited circumstances. Information is often replicated in different jurisdictions to ensure information will be able to be retrieved or accessed in the event of failure of a server.
    Once South Africa’s Protection of Personal Information Act, 2013 (POPI) is in full force the cross-border transfer of personal information will be limited. Personal information may as examples be transferred across borders with consent or if it will be adequately protected in the receiving country, either through the laws of the receiving country or contractually through an agreement with the receiving party.
  3. Regulatory considerations
    Certain laws may prevent organisations from storing certain information on the cloud (or in a foreign jurisdiction). For example, if the proposed amendment to section 24 of the Financial Intelligence Centre Act, 2001 (FICA) is enacted, accountable institutions (including banks and attorneys) will be required to store Know Your Client (client verification) information in South Africa. Objections have been raised by various organisations making use of foreign clouds.
    ISO27018 is an international code of practice that focuses on the protection of personal information by cloud providers. Remember that even where information is processed in the cloud a responsible party will always remain liable to ensure that personal information is processed in accordance with applicable laws such as POPI.


Practice area:

Industry:

Recent publications

BOAT

Publication

Women at sea: What you don’t see

Nina Varumo is a freelance portrait and documentary photographer based in Stockholm. A recent project of hers Kvinnor till sjöss (‘Women at sea’) is on ongoing photo series highlighting the working life of female seafarers in order to change the stereotypical image of what and who is a seafarer.

Global | May 16, 2023

Transport
office building with green trees

Publication

“Double materiality”: What does it mean for non-financial reporting?

Companies have been publicly reporting on their financial performance for over a hundred years. However, they are increasingly having to make public non-financial disclosures relating to sustainability and environmental, social and governance (ESG) matters as a result of rules, laws and regulations issued by stock exchanges, governments and regulators worldwide.

Global | May 15, 2023

Environmental, social and governance (ESG)
ESG header image

Publication

ESG and Sustainability Insights newsletter

Stay in touch with the latest developments by subscribing to our newsletter.

Global | May 12, 2023

Site search

Subscribe and stay up to date with the latest legal news, information and events . . .

Register now