Home Digital delivery Data hosting rules could be tightened

Data hosting rules could be tightened

Data hosting rules could be tightened

The federal government is considering requiring sensitive government data to be hosted in Australia by Australian companies only.

Suart Robert

Government Services Minister Stuart Robert announced this week that the government is examining data sovereignty requirements to ensure trust in government-held data sets.

“We need to take care of that data so we’re exploring what does it mean for nationally significant sovereign data and how should we protect that,” Mr Robert told a National Press Club lunch.

“This will include considering whether certain data sets of concern to the public should be declared sovereign data sets and should only be hosted in Australia, in an accredited Australian data centre, across Australian networks and only accessed by the Australian government and our Australian service providers.”

The move would side-step concerns that foreign companies with Commonwealth contracts could be compelled to provide offshore information to their own governments, as is the case with the US Cloud Act which governs US companies.

“We need to ensure that Australians can trust that Government will appropriately manage the information that they provide to us – whether it is for a tracing app or for the Census,” Mr Robert said.

Mr Robert said transparency and trust was critical as the government moved towards its goal of making all government services digitally available by 2025.

Data availability legislation which is set to come before parliament will  allow all government datasets to be used to provide services and social support, he said.

Ensuring data sovereignty would ensure a single “digital front door” for government and citizens be able to see all of their interactions with government.

“We want to say to citizens we’re going to be very transparent with how we’ll use your data and transparent in how we’ll secure it,” the minister said.

“We think there is a case, and we’re exploring this now, for Australian datasets to be in Australian data centres, run by Australians with Australian providers, and securely housed and routed within Australia to give maximum assurance to Australians their data’s safe.”

Mr Robert also told the press club the government would look at procurement reforms that promoted home-grown innovation and prioritised local jobs and capabilities as it delivered its digital architecture.

Thumbs up from cloud providers

Writing exclusively for Government News ahead of the announcement Vault Cloud CEO and Australian Information Industry Association (AIIA) board member Rupert Taylor-Price said the Covid-19 crisis had thrown into relief the challenges of reliance on other nations, including for technological capability.

Rupert Taylor-Price

On Thursday he told Government News the announcement was an important step to improving Australia’s security posture.

The trust of citizens was hard won and easily lost, he said.

“It’s critical that we improve the base security level of all sensitive government data handling, Mr Taylo-Price said.

“Simplifying and securing multiple government cloud services under one architecture and workflow certainly boosts cost-efficiencies and standardisation but it is important also to understand where the support for Australian tech companies will feature as part of this initiative.”

Aidan Tudehope, Managing Director of  Macquarie Government which last week became the first sovereign cloud vendor certified to provide services to Defence, welcomed the minister’s announcement.

He said data sovereignty went to the heart of questions about legal authority over data.

“Data hosted in globalised cloud environments may be subject to multiple overlapping or concurrent jurisdictions,” he said.

‘The only way to ensure Australian sovereignty is maintained over citizen data collected by government is to ensure it is hosted in an Australian cloud in an accredited Australian data centre, and is accessible only by Australian-based staff with appropriate security clearances from the government.

“This policy should also help foster Australia’s homegrown cloud and IT industries and reduce our dependency on global providers to support our digital economy, which is vital to our long-term national interest.”

 

Like this news?

Leave a Reply

Your email address will not be published.