Speaking at iapp's privacy umbrella of Cloud computing conference in Sydney, Timothy Pilgrim said while many have claimed Cloud computing poses a threat to privacy, there is seldom a focus on the benefits of the technology.
"It's commonly accepted that Cloud computing has the potential to be privacy disabling and not privacy enabling," Pilgrim said. "Many of the privacy issues identified around Cloud computing already exist, however the challenge lies around how best to mitigate them."
One of the challenges Pilgrim outlined included the complex nature of data that reaches far beyond Australian borders.
"Forcing privacy in an international context has always been complex," he said. "Local regulation and enforcement bodies may find it difficult to establish boundaries especially when their citizens are involved." Pilgrim said collaboration between the federal government, vendors and the wider community may help to stay one step ahead of any potential security threats associated with virtualisation.
"There are some significant changes coming up in the Privacy Act and there is an opportunity for everyone to get involved in changes," he said. "Some of the advantages that Cloud computing offers...are also very attractive to government agencies as well as the private sector."
While Pilgrim echoed industry concerns that Cloud computing poses control issues for IT mangers, he said there is a shift towards storage at a local level.
"Moving data into the Cloud often means it will be stored and processed outside of Australia," he said. "...We have, [however], seen private community Clouds with facilities located in one physical location [emerge]." Pilgrim said IT managers and government departments alike should take a closer look at contracts entered into with Cloud providers.
"Content of contracts is becoming more important to ensure the accountability becomes more talked about," he said. "That's going to be a key focus for our organisation."
Accountability was important to the development of the Cloud computing industry in Australia.
"When it comes to using it for handling customer information it's essential that business comply with the privacy act at the minimum," Pilgrim said. "Get privacy right from the start so that customers can benefit from the technology you have to offer."
The Commissioner last month told a Senate inquiry that any talks about a data retention regime from organisations or government needed to be consistent and accountable to stakeholders.
This story, "Cloud can enhance privacy, says Australian Privacy Commissioner" was originally published by Computerworld Australia.