Is cloud security and privacy a concern for your business?  With recent developments in the news about US government agencies using secret court orders to collect data on specific users from American-based large internet companies (like Google, Apple and Facebook), should Canadians be concerned  about the privacy and security of our data that resides in US data centers?  Google CEO Larry Page responded quickly to the allegations with a clear and concise blog post.  So did Facebook.  Now, these internet giants are all requesting a more transparent process so that they are allowed to detail the number of requests made by government agencies. We often get asked by Canadian businesses about cloud security as they are concerned about US government overreach in the name of security and terrorism.  In attempt to be as objective as possible on the issue, I wanted to share a few resources that I have come across that address this concern.


Canadian Cloud Law Blog

The Canadian Cloud Law Blog is written by David Fraser, a Canadian privacy and technology lawyer based out of Halifax.  He has a national and international practice advising corporations and individuals on matters related to Canadian privacy laws and cloud computing.  Here are a few of his pages & posts I found very helpful:

  1. Don’t forget that Canada is in the national security / surveillance business as well
  2. Cloud Computing and Privacy FAQ – This page addressed the bulk of the questions I had from a legal standpoint.
  3. Privacy Law Resources –  A comprehensive list by Province.


Office of the Privacy Commissioner of Canada

The mission of the Office of the Privacy Commissioner of Canada (OPC) is to protect and promote the privacy rights of individuals.

  1. Introduction to Cloud Computing Fact Sheet –  This document details the different kinds of cloud computing models among other things.  For reference, Perpetual West only works with Public Cloud solutions.
  2. Cloud Computing for Small and Medium-sized Enterprises: Privacy Responsibilities and Considerations – This is a great resource when it comes to privacy questions and concerns that Canadian Businesses have.
  3. A Guide for Individuals Your Guide to PIPEDA (Personal Information Protection and Electronic Documents Act)Explains PIPEDA in laymen’s terms.   Here is the legalese if you prefer.
  4. Processing Personal Data Across Borders Guidelines – Explains the implications of PIPEDA when data crosses the border.
  5. Getting Accountability Right with a Privacy Management – A good guide if you need to setup a privacy management program for your company.


Government Entities & Laws

Here are the wikipedia links to all the entities and laws you will have seen in the news (and maybe some you haven’t).

American Links

  1. Patriot Act – The US Government’s response to the 9/11 terrorist attacks.
  2. FISA (Foreign Intelligence Surveillance Act) – This law has been beefed up since the 9/11 terrorist attacks.
  3. FISC (Foreign Intelligence Surveillance Court) – The secret court that grants the surveillance warrants.
  4. PRISM Surveillance Program – The secret program that was recently exposed by Edward Snowden.

Canadian Links

  1. Anti-Terrorism Act – The Canadian Government’s response to the 9/11 terrorist attacks.
  2. CSIS – Canada’s CIA/NSA.  They have a similar court that grants surveillance warrants.


Cloud Solution Privacy and Security

Here is a list of the public cloud solutions that we work with and their corresponding privacy and security statements:

  1. Privacy & Security
  2. Google Privacy Policy
  3. Google Apps Security & Privacy
  4. RingCentral Privacy Policy
  5. RingCentral Security Statement
  6. Hubspot Privacy Policy


Outside of the concern for law enforcement or national security accessing your data, you’re left with abiding by privacy regulations and ensuring that the cloud solution vendor that you choose has implemented the very best in security technology with the certifications to match.  Choose your cloud solutions wisely and seek the advice of legal and security experts if necessary.


Perpetual West works with only the best and most established cloud solutions in the market like Google Apps, Salesforce CRM and Hubspot.  Contact Perpetual West at 1-877-388-6400 to learn more about how we can help your business work in the cloud.


Blog subscription