Organizations around the world are embracing cloud technology to drive innovation, improve security, and remain competitive in the new digital economy. As cloud service providers, we support these organizations, which include businesses of all sizes, public sector entities, and non-profits, by operating services and infrastructure that are utilized across borders.
As companies that provide services around the world, we also recognize the right to privacy under international human rights law. Governments have a legitimate and important interest in protecting the safety and security of their people. Yet in some instances they seek to gain access to data under laws that do not adequately protect human rights and the rule of law, and conflict with laws of other countries. As cloud service providers, we are committed to protecting the privacy and security of our customers’ data in all jurisdictions through policy and technology. All governments must recognize certain baseline protections as they enact laws for the cloud era.
The Trusted Cloud Initiative seeks to partner with governments around the world to resolve international conflicts of law that impede innovation, security, and privacy, and to establish and ensure basic protections for organizations that store and process data in the cloud. Through this initiative, we commit to working with governments to ensure the free flow of data, to promote public safety, and to protect privacy and data security in the cloud.
This initiative builds on pre-existing commitments that each of our companies has made in this area, including by undertaking internal human rights impact assessments. It serves as a baseline to which our companies are committed.
As cloud service providers we:
- Recognize the interest of governments around the world in protecting the safety, security, privacy, and economic vitality of individuals and organizations that use global cloud services;
- Recognize that international human rights law enshrines a right to privacy;
- Recognize the importance of customer trust and customers’ control and security of their data, which entails both safeguarding the data customers own in the cloud, and creating products and policies that establish, maintain, and enhance that trust;
- Support laws that allow governments to request data through a transparent process that abides by internationally-recognized rule of law and human rights standards.
- Support international legal frameworks to resolve conflicting laws related to data access, privacy, and sovereignty;
- Support improved rules and regulations at the national and international levels that protect the safety, privacy, and security of cloud customers and their ownership of data;
- Recognize the importance of publishing, on a regular basis, transparency reports detailing aggregate statistics regarding government data requests.
To achieve our objectives, we commit to working with the tech sector, public interest groups, and policymakers around the world, particularly in the countries where we operate or plan to operate data centers and cloud infrastructure, to ensure that laws and policies are substantially in line with the following principles: