Did you know that storing personal data about Australians in the cloud may breach the law under the Privacy Act 1988 and the Australian Privacy Principles? There is a solution that gives you all the productivity benefits of the cloud, and allows you to remain compliant. Introducing CloudFileSync.

1. CloudFileSync is a secure file, sync and share
solution built for the IT channel
Built and powered by
Important factors to consider
when storing your cloud data
outside Australia

2. What is
data sovereignty?
Data sovereignty is the concept that information which has been converted and stored
in binary digital form is subject to the laws of the country in which it is located.
So, where in the world is your cloud data?
Is the information you store in the cloud sensitive?
Is this subject to Australian law or to the laws of another jurisdiction?
CloudFileSync is a secure file, sync and share
solution built for the IT channel 1

3. Can you store that
data outside of Australia?
Before any person’s identifiable data is stored on an overseas hosted cloud service you
must obtain that person’s written consent.
What is personal, identifiable data?
Under the Privacy Act 1988 (Cth) personal, identifiable data is defined as …information
or an opinion, whether true or not, and whether recorded in a material form or not,
about an identified individual, or an individual who is reasonably identifiable.
Identifiable data includes a person’s:
CloudFileSync is a secure file, sync and share
solution built for the IT channel 2
Name Signature Address
Date of birth Telephone number Driver’s licence
Tax return Medical history Bank account

4. Can you store that
data outside of Australia?
In addition to defining personal, identifiable data in the Privacy Act 1988 (Cth), Chapter 8 of
the Australian Privacy Principles covers the cross border disclosure of personal information.
Key points of Chapter 8, Australian Privacy Principles.
Before an APP entity discloses personal information to an overseas recipient, the entity must
take reasonable steps to ensure that the overseas recipient does not breach the APPs in
relation to the information (APP 8.1).
An APP entity that discloses personal information to an overseas recipient is accountable for
any acts or practices of the overseas recipient in relation to the information that would
breach the APPs (s 16C).
If your company is using a cloud storage service like Dropbox, Google Drive or OneDrive it is
possible that your data covering the personal information of Australian citizens is stored
outside of Australia.
CloudFileSync is a secure file, sync and share
solution built for the IT channel 3

5. Are you breaching
data sovereignty rules?
Storing personal information about Australians on a public cloud service that is located
outside of Australia is clearly a breach of data sovereignty rules, the Privacy Act 1988
(Cth) and the Australian Privacy Principles.
Your organisation could be held liable if the overseas based cloud service:
CloudFileSync is a secure file, sync and share
solution built for the IT channel 4
Breaches the Australian Privacy Principles Engages in ‘misconduct’ which the Privacy
Act defines as “… fraud, negligence,
default, breach of trust, breach of duty,
breach of discipline or any other
misconduct in the course of duty”.

6. What are the legal and financial
consequences of breaching
data sovereignty rules?
A breach of the rules discussed in this document opens an organisation up to the
possibility of civil law and other punitive compensation penalties.
Civil penalties of up to $AU 1.7 million apply
for serious or repeated breaches of the Privacy Act.
The reputation and standing of your business would also be impacted if you are in
breach of the Privacy Act or the Australian Privacy Principles.
Breaking these laws and principles means you have broken a commitment to your
clients around safely managing and storing their sensitive data.
CloudFileSync is a secure file, sync and share
solution built for the IT channel 5

7. Complying with data sovereignty
rules in the age of the cloud
CloudFileSync is a File Sync and Share product that helps companies to securely access
and share their data across a number of devices and platforms.
All the productivity benefits of the cloud with clear visibility
over where your data is stored
Businesses can deploy CloudFileSync on top of in-house private cloud, meaning the data
is physically stored on a server in the company’s own building.
As an alternative, companies can purchase hosted storage from the CloudFileSync
Marketplace.
With either option you will always know where your cloud data is stored and you can
easily comply with data sovereignty rules and regulations
CloudFileSync is a secure file, sync and share
solution built for the IT channel 6

8. Want to know more about
secure and compliant
file sync and share?
CloudFileSync has been developed by Network2Share, a Melbourne-based software
startup.
Get in touch today:
Reagan McKay
CEO, Network2Share
+61 3 9021 2013
www.network2share.com
CloudFileSync is a secure file, sync and share
solution built for the IT channel 7