Complex and Competing Data Privacy Considerations in Apple’s Move to Store Data in China
By Ananda Martin
The move will house Chinese iCloud data on servers maintained by China’s state-owned telecommunications company, China Telecom Corporation Ltd (中国电信). The shift has two advantages for Apple, which has experienced a number of
The announcement has prompted concerns about Chinese user data’s vulnerability to searches by Chinese regulators and comes at a time when Apple is seeking to distinguish itself from the competition by championing user privacy. Apple
Apple’s decision to store iCloud data in mainland China may signal the beginning of a trend for other high tech companies in the market. While Apple’s arrangement with China Telecom appears to be motivated by business concerns – there is no requirement under Chinese law that such user data be held in China – the Chinese government appears increasingly concerned with limiting the transmission of domestic data overseas. For example, in May of this year, the Chinese government banned Microsoft’s Windows 8 operating system, which was seen by some as a move to limit data leakage out of the country. And, in a highly-regulated industry such as telecommunications, the government has substantial negotiating leverage to set the terms of market access for aspiring entrants.
In the short term, the move to keep data local may improve the user experience for the Chinese consumer and assuage Chinese government concerns about sensitive information going offshore. However, the distribution of data across multiple jurisdictions, subject to varying legal and technical standards, runs the risk of creating further security challenges for multinationals trying to maintain consistent standards across different markets. At a minimum, it will drive the need for tech-savvy counsel, familiar not only with the rapidly evolving legal landscape of big data, but also with the specific data privacy laws of each jurisdiction in which global technology companies operate. These advisors will also need to understand the extent, and limits, of government authority to access user data.
Caveat Vendor is Paul Hastings’ Consumer Issues blog. We welcome your feedback. Please contact our blog editor with any thoughts or suggestions.