What is Data sovereignty
Data sovereignty refers to the framework of laws and governance structures that regulate the control and storage of data within the country it is stored. Furthermore, data is automatically subjected to the laws and standards of the hosting country. With the emergence of Cloud computing, there is no technological challenge for cloud service providers to store Cloud data outside of Australia.
How Does this affect you?
The Australian Data Privacy Act clearly states that entities storing Cloud data offshore are legally responsible for protecting it, including any mishandling incidents.
To add to this, there is no unified international standards on data privacy. Not only does this mean that the definition of privacy is not the same in every country, it also means that the obligations that companies have in the face of requests from offshore regulators vary and may not align with Australian privacy regulations. Therefore, the potential risks to the end user deserve far more consideration than the technological benefits gained by the service provider.
Storing data in a company's local juristriction, if practical, is the best practice to properly manage data, ensuring automatic compliance with regulations and, through this, mitigate legal risks.
All of FACTS Online infrastructure is located in Australia and no data (either resting or in transit) is off-shored.