Feds like risky data cloud as alternative to their creaky computer systems

The federal government is willing to store data in the internet cloud as an alternative to its own aging computers

The federal government is willing to accept the privacy and security risks of storing data in the internet cloud as an alternative to its own aging computers that are “at risk of breaking down,” says an internal policy paper.

The federal paper on “data sovereignty,” obtained through the Access to Information Act, fleshes out the government’s plan to embrace the cloud as a solution to its file management woes.

Privately run cloud companies provide customers, such as federal departments, with virtual computer services — from email systems to vast storage capacity — using software, servers and other hardware hosted on the company’s premises.

The government sees the cloud as a way to meet the needs of Canadians in an era of increasing demand for online services.

However, the paper says, ”a number of concerns” related to data control, protection and privacy have been raised within the government, including:

  • — Storage of sensitive information — designated “Protected B” or higher — outside the country, creating a risk that access might be restricted or denied due to a contractual dispute with a company or a disagreement with the host government;
  • — Handoff of certain security responsibilities to the cloud service provider;
  • — The possibility that courts could compel foreign-owned cloud service providers to turn over Canadian data to their governments.

Many countries, including Canada, have laws allowing them to subpoena or obtain a warrant for information from private organizations to support legal investigations, the paper notes.

The U.S. Patriot Act, passed following the 2001 terrorist attacks in New York and Washington, gave the Federal Bureau of Investigation broader access to records held by firms in the United States, including data on Canadians.

In addition, there are long-standing information-sharing agreements and a legal assistance process between security and law-enforcement agencies in both countries — “the most likely vehicles for obtaining access to information held in Canada,” the policy paper says.

Canada’s government has legal obligations to protect personal data and highly sensitive information related to national security, cabinet discussions, military affairs and legal matters.

Related: Liberal elections bill aimed at tighter rules on spending, fake news, privacy

As a result, Treasury Board has drafted a policy declaring all Protected B, Protected C and classified electronic federal data must be stored in a government-approved computing facility located in Canada or within the premises of a department abroad, such as a diplomatic mission, the paper says.

Canada also plans to limit the kinds of files that can be stored in the cloud and to use encryption to shield sensitive data from prying eyes.

There are risks associated with both moving to the “alternative service delivery model” of the cloud and sticking with the government’s aging computer systems, says Alex Benay, the federal chief information officer, in an October memo to the Treasury Board secretary accompanying the paper.

“Ultimately it becomes a risk trade-off discussion, exchanging existing risks for data sovereignty risks (that can be mitigated to some extent).”

Among the current difficulties is the fact the government’s “aging and mission-critical (information technology) infrastructure are at risk of breaking down and must be renewed,” the paper says. Transforming these systems is “proceeding slower than anticipated,” in part due to the challenges and complexities of consolidating 43 departments.

In the same vein, departments have experienced problems with fixing weaknesses promptly, leaving the government “exposed to cyberthreats,” the paper says. In contrast, cloud service providers have significant budgets to “maintain, patch and secure” their systems.

Finally, the government wants to follow the global trend of providing better digital services for citizens, but demand for computing capabilities and storage space “exceeds the supply available,” the paper acknowledges.

“Cloud first” policies have already been adopted by Australia, Britain, New Zealand and the United States, Canada’s Five Eyes allies.

The U.S. has served notice it wants an end to measures that restrict cross-border data flows, or require the use or installation of local computing facilities. It is among the American goals for ongoing NAFTA renegotiation, posing a possible headache for Canada’s cloud-computing plans.

Related: G7 warned of Russian threats to western democracy

Related: Federal government needs help tackling cyberthreats, internal report warns

Jim Bronskill , The Canadian Press

Like us on Facebook and follow us on Twitter.

Just Posted

TNG block roads, question gov’t on moose hunt

Chief Joe Alphonse confirmed Thursday they’ve deactivated the Raven Lake Road and the Mackin Creek Road just before the Island Lake turnoff

UBCM passes historic resolution brought forth by CCRD

If the resolution is successfully realized, it will mean groundbreaking change for local governments

Bella Coola RCMP appeal for public’s help in wake of suspicious fires

Four suspicious fires in the span of four months prompted local RCMP to bring in fire specialist

Municipal spending outpaces population growth 4-fold in B.C.: report

Canadian Federation of Independent Business has released its annual operational spending report

Series of suspicious fires prompt Bella Coola RCMP to bring in special investigator

Police investigate four fires set between June and Sept. in 4-Mile

Watch out for Pavement Patty: Drivers warned outside B.C. elementary school

New survey reveals unsafe school zones during 2018 back-to-school week

Horvat leads Canucks to 4-3 shootout victory over Kings

Vancouver dumps L.A. in NHL pre-season contest

Update: Search called off for missing plane between Edmonton and Chilliwack

Search efforts were concentrated along the Highway 5 corridor between Valemount and Kamloops

Why Whistler for ski jumping in 2026? Calgary proposal gets pushback

Calgary 2026 proposes re-using the 2010 ski jumping venue Whistler for that sport and nordic

Despite progress, threat of 232 tariffs dominates NAFTA negotiations

Any deal is seen to require congressional approval before Dec. 1 to survive new Mexican government

VIDEO: Hundreds line highway as family brings home body of B.C. teen

Northern B.C. showed their support by lining Hwy 16 as Jessica Patrick’s body returned to Smithers.

B.C. MP Todd Doherty receives award for saving man who collapsed on a plane

Conservative MP was flying from Vancouver to Prince George, B.C., in June last year

Alleged border jumper from Oregon facing 2 charges after police chase in B.C.

Colin Patrick Wilson charged with dangerous operation of motor vehicle, flight from a peace officer

More than 35 B.C. mayors elected without contest

No other candidates for mayor in the upcoming local election in 22 per cent of B.C. cities

Most Read