1、 itif.org Technical and Legal Criteria for Assessing Cloud Trustworthiness NIGEL CORY|APRIL 2024 Global data and technology governance will be challenging without cooperation on cloud trustworthiness.Policymakers should avoid simplistic assessments based on nationality and instead develop more holis

2、tic assessments based on legal and technical criteria.KEY TAKEAWAYS Concerns about trusting cloud services have existed since their creation,but recent concerns about governments compelling access to cloud firms data and services are leading to misguided knee-jerk reactions based on nationality.Focu

3、sing solely on a firms nationality without considering how a firm or its home country contributes to or detracts from cloud trustworthiness does little to enhance cloud cybersecurity and data privacy and create an open and competitive cloud market.China looms over cloud trustworthiness assessments,b

4、ut its much broader.G7 and like-minded countries have a mixed record with policies that both fracture the cloud and provide the basis for a more cooperative approach to cloud trustworthiness.Policymakers at the G7,OECD,and elsewhere should establish technical and legal criteria for evaluating cloud

5、trustworthiness rather than relying on vague national security and intelligence concerns.If countries trust each other in contexts such as defense,intelligence,law enforcement,and trade,but they dont trust each others cloud firms,then how are they supposed to work together,and with third countries,o

6、n other tech issues?A diverse set of legal and technical criteria gives firms,and their host countries,a clear goal to work toward.Concerns about cloud trustworthiness are global and not just an issue for the European Union,the United States,and China.INFORMATION TECHNOLOGY&INNOVATION FOUNDATION|APR