Amazon Web Services coming to Canada

In a blog post on the AWS site, Amazon Web Services Chief Evangelist  Jeff Barr announced that Amazon Web Services will be bringing their cloud computing service to Canada sometime this year.

This is potentially big news for edtech in Canada where our privacy laws have hindered the use of cloud based services where personal data may be stored outside of the country.

These days, it’s hard to find scalable edtech infastructure and services that are not built on AWS (or other) cloud services, and having data stored outside of Canada using cloud services has traditionally been a barrier to adoption for Canadian institutions. Not a deal breaker as there are ways to mitigate and still be compliant with privacy laws through informed consent, etc. But for many, the P.I.A (Privacy Impact Assessment) is a P.I.A. and enough of a barrier that it hindered the use of cloud based services.

For an edtech example, Canvas has had very little uptake in Canada because it is built on AWS.

Of the 25 public post-secondary institutions in BC, there is only a single institution using Canvas, and they are self hosting to work around the data storage issue. With a regional offering of AWS in Canada, I would expect to see a company like Instructure bring Canvas north of the border soon, and it being a serious contender for institutions undertaking LMS reviews.

While not explicitly stated in the release that it will be compatible with all the different provincial and federal privacy laws, it’s hard to imagine Amazon rolling out services in Canada that are not as compliant as possible. Indeed, privacy compliance with federal and provincial laws would be one of the biggest selling points for the service in Canada, as PCWorld notes;

Having a dedicated Canadian region will be important for organizations that need to comply with the patchwork of regional data protection laws Canada has, which requires the storage of some types of data inside Canada, depending on where the storer is located.

Although the question of “does legislation actually make a difference where data is stored in an interconnected world?” hangs in the air, with many seeing these regulations as doing nothing by providing the illusion of data protection for citizens.

And who knows, the TPP may get ratified in Canada and then it is a different data protection game altogether as the TPP clause on free flowing data between member countries would put it at direct odds with provincial & federal privacy laws. And while edtech might win with the TPP in that we get better access to more cloud services,  I have real concerns at what the cost to the rest of our society might be.

Addendum

Shortly after I posted this, Scott Leslie tweeted in response to this post that even if the servers are located in Canada, there is still a question of where the parent company is located.

Photo:Sensitive Data sign, Freegeek, Portland, Oregon, USA by Cory Doctorow CC-BY-SA

 

Privacy and cloud based apps – a background paper from BCcampus

Descending Clouds

Ahead of their province wide conference on Privacy and Cloud-Based Educational Technology happening on April 4th, BCcampus has released a background white paper on Privacy and Cloud-Based Educational Technology in British Columbia (PDF).

The report is based on questionnaires and interviews conducted by BCcampus with a cross section of institutional stakeholders (instructors, teaching and learning centres and IT administrators) at 9 BC post-secondary institutions (25 were contacted) in the Fall of 2010.

The paper highlights some of the concerns and benefits post-sec institutions in BC are grappling with when considering using cloud-based applications and services (specifically those hosted in the US), and illustrates some examples of how BC post-sec’s have addressed these issues within their institutions.

Some institutions are afraid to authorize any “web 2.0” technologies because of privacy concerns, some have used workarounds, and some have just gone ahead and implemented institution-wide technologies to the best of their ability.

If you are involved in IT or EdTech in BC, this report is well worth the read and provides some real-life examples of how post-sec institutions in BC are addressing the ambiguous issues inherent with the big elephant in the room. As the report notes:

All (post-secondary institutions) have one thing in common: the need for clarity around what is or is not aligned with B.C.’s privacy legislation.

This ambiguity is reflected in one of the questions raised by Vancouver Island University:

Getting clear-cut responses from the Office of the BC Privacy Commissioner is important to  enabling post-secondary administrators to provide correct advice and guidance on FIPPA  related questions. What can the BC government ministry [responsible for FIPPA] do to  facilitate this?

Gina Bennett from the College of the Rockies also reflects this clarity concern.

According to Gina Bennett at COTR, FIPPA requirements aren’t well understood. “[Postsecondary institutions] use extreme caution, they don’t act -out of fear– or they fly under the  radar,” when they consider using cloud-based services or social media.

But my favorite Gina Bennett quote has to be this one, which nicely encapsulates one of the big picture issue that are at stake here.

“I wish we could have ‘openness people’ rather than ‘privacy people” at institutions. We  should be all about sharing. What is the purpose of the academy if not for sharing ideas?”

Hear, hear.

Photo: Descending Clouds by Gary Hayes used under Creative Commons license