May 17, 2011
reported that the advent of cloud computing is poised to change the way businesses store data, but it also presents a dramatically increased risk that companies could run afoul of export control regulations if the information is housed outside the U.S.
"The federal government has provided little guidance on export control for users of cloud computing services, but it seems clear that if controlled data winds up on a server in a foreign country, the company that put it there can be on the hook for penalties," said international trade partner Eric McClafferty. "Cloud computing is creating a whole set of affirmative obligations for users."
The article mentions that "To date, concerns about the export control implications of cloud computing are theoretical as the government has yet to take action against a company for its export activities in the cloud. That could change in the coming years, as cloud computing is expected to become much more common."
"The people at a company responsible for government compliance often don't communicate with the information technology staff who may be considering moving the company to a cloud computing system, which is a surefire route to future problems," says McClafferty. "The bottom line is that compliance people at companies need to be in touch with IT personnel and find out about their plans for cloud computing," he said. "You need to address it in an explicit, open way, so you don't get blindsided by the IT department's plans."