Dan Michaluk has a great post over at slaw.ca asking an important question for anyone considering moving their data to the "cloud":
After reviewing the relevant law, he concludes that the best approach would be to define the terms of service very carefully, ensuring that data is kept in the digital equivalent of a sealed container and that it is absolutely clear that the data being hosted is confidential.
Perhaps the most bit:
There are those who may suggest that information that deserves the special protection associated with confidential or private status should always be under an owner’s direct control. A more nuanced view that turns on the actual relationship between data owner and data processor invites a realistic balancing of interests that doesn’t clash with a model of computing that has become so prominent. Bring on the cloud!
Dan gets it. The internet has made it next to impossible to be sure that your information lives only in your office, and developments in cloud computing and online collaboration tools make it undesirable to insist on local storage. We need a legal model that allows us to adopt these new tools without losing our traditional expectations of privacy.