Digital Government News

Banks and big tech reject idea of onshore data storage

Eliza Sayon Sep 8, 2022

2 min read

Global tech companies and national banks are opposing the idea of onshore data storage, stating that doing so will create cyber security risks and harm the economy.

Early this year, the Department of Home Affairs released a discussion paper on data security as part of the National Data Security Action Plan, which was developed to ensure the ongoing protection of citizens’ data.

“As increasing volumes of data continue to flow between all levels of government, industry and across the community – the Morrison Government is committed is building a national approach to ensure data protection, wherever it is stored or accessed,” then Minister for Home Affairs Karen Andrew said during the announcement of the action plan.

The discussion paper raised the question of whether the country needed an explicit approach to data localisation, stating that other countries either already have data localisation laws in place or are adopting legislation to stop the insecure transfer of personal information across borders.

Check out: Janice Carey on how organisations can develop better data strategies

In response, organisations such as Telstra, AWS, and the Australian Banking Association (ABA) claimed that the offer of data localisation can weaken the country’s data security.

“Many Australian entities use third-party providers of software or platform services, including major global entities. Both Australian and overseas entities may use offshore data centres,” ABA’s submission paper states.

“Requiring data to be kept onshore would disrupt these existing commercial and infrastructure arrangements.”

Facebook’s parent company Meta also weighed in their thoughts on the paper’s question on data localisation.

“Data localisation requirements can inhibit business growth,” it said in its submission paper.

“Local data storage requirements also have broader implications for the state of an open, global internet. Personnel and data localisation measures such as those in India, Vietnam, Turkey and China, are often intended to facilitate the surveillance or censorship of citizens’ online activities and violate individuals’ human rights including freedom of speech, expression, access to information, and privacy and due process rights.”

Meta then states that Australia’s contemplation of local data storage requirements could set a concerning precedent that undermines the principles of an open internet and emboldens other countries with a different vision of the internet’s future.

The Tech Council of Australia also explains that onshore storage of data could disrupt cross-border data flows, advising the government to limit such measures due to highly sensitive use cases such as health data.

Optus then advised the government that, should data localisation be pushed, they should adopt a risk-based approach that will consider circumstances such as data storage location and the cost of transferring the data to a domestic facility.

While eighteen other submissions have been kept confidential, the Department of Home Affairs will continue to engage with the industry, and state and territory governments in the development and implementation of the action plan.

Eliza Sayon

Website | + posts

Eliza is a content producer and editor at Public Spectrum. She is an experienced writer on topics related to the government and to the public, as well as stories that uplift and improve the community.