The implications of cloud computing for information privacy : an Australian perspective

Cloud computing provides a large repository of information that is available to everyone as a service. Research in Australia indicates that 14 million people living in Australia use some form of cloud computing services, and approximately 900,000 small and medium enterprises businesses had actively used cloud computing services. As business that manage the new dimensional demands of data and cloud, there are challenged for governments in providing a robust legal framework and a pro-business environment. This is because cloud computing poses both information privacy and data security risks for users of cloud computing service. The information privacy risks relate to the use and disclosure of 'personal information' and 'sensitive information' about consumers without their consent while there is security threats from cloud computing related to data location, privileged user access, data segregation, recovery, investigative support and long-term viability and regulatory compliance. Trust and confidence in cloud computing by consumers and business using cloud computing is critical for its growth. This article explores the legal and regulatory implications for information privacy arising from cloud computing; and if new information privacy laws are needed to protect consumer information stored in the cloud and to support the growth of cloud computing industry in Australia. A comparative analysis of the privacy laws in the United States with that in Australia is undertaken to provide additional insights to understanding the legal and regulatory implications of adopting cloud computing services in Australia.