A Little Privacy, Please?
There are voluminous discussions around General Data Protection Regulation (GDPR) in the European Union and the California Consumer Privacy Act (CCPA) in California. Yet, there is much less information about Canada. Canada rivals these examples with twenty-eight privacy-related bills on the books and three major efforts in progress. One effort in progress is a Consumer Privacy Protection Act (CPPA), predicted to become one of the strictest privacy laws in the world. With these thoughts in mind, let’s explore why hosting by country makes sense in general and in Canada in specific.
Regulations with Teeth
Unlike many sets of regulations, privacy regulations involve significant penalties, often in 8 or 9 digits. For example, a GDPR violation resulted in Amazon paying a $781 million fine. With Canada’s proposed legislation, there is the potential risk of similar outcomes for violations as for GDPR.
Cloud Compliance Confounds Calculations
In short, Clouds can be architected with global load balancing. So, it can be difficult to prove conclusively that authentication operations, including all data processed, actually occurred within a single geography. However, if the authentication operations are wholly hosted within a geography, proving compliance is greatly simplified.
Government Policy If Not Mandate
As an example, France is taking steps to ensure that sensitive data belonging to the government and its citizens are stored in clouds under French control. They are licensing technology from Google and others to make this feasible. Canada, as part of CCPA, is striving to ensure that consumers can control all data collected about them. Further, state and local government departments such as law enforcement agencies are facing similar requirements. While those appear to be at the policy level today, they could be made a mandate by upcoming legislation.
Axiad’s Proactive Steps
To address the above considerations, Axiad has set up a second hosting infrastructure with a Canada-based CSP. As a result, an organization’s authentication information and operations will be stored and executed within Canada. By doing so, Axiad is helping our enterprise and government agency customers be proactive in addressing Canada’s current and proposed privacy regulations.
Learn More
For additional information, please view our Top 5 Flyer.