Beware the Cloud Subpoena

Cloud’s great, it’s easy and it’s secure … right?

Well, probably, ish. One of the issues that we need to consider is that a competitor could subpoena your cloud service provider to hand your data over to them.  Perhaps your competitor thinks you are breaking a law in their country. Perhaps your competitor can bribe their country’s courts.

Many companies use Salesforce to store highly confidential information. This information is non privileged and is discoverable. Rule 26 of the federal rules of procedure could be used to disclose information to competitors. 

Salesforce say that they will comply with any legal request … 

if we are required to disclose your information by subpoena or in any other due process of law by a properly authorized government agency we would have no other choice but to fully comply

You need to check your contract to see if Salesforce will tell you about it.  Normally they will.

Here’s what facebook do

The likelihood of a competitor requesting your data is probably pretty low:  most other companies have the same risk.  The first time it happens, I suspect Salesforce’s business model falls. It’s high impact though.

To mitigate this risk:

  • Decide if you can accept the risk of a competitor getting a court order to disclose your data
  • Determine if there is anything in the contract where Salesforce will give you the opportunity to challenge the request.  

The financial advantages outweigh the risks … so continue to use it, but monitor.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s