In today's digital landscape, data privacy and protection are of paramount importance. MikroCloud leverages Amazon Web Services (AWS) to host its services, while guaranteeing the highest level of data privacy for its users. In this article, we will explain the Foreign Intelligence Surveillance Act (FISA) 702, its relevance to AWS, and how our Data Processing Agreement (DPA) with AWS limits access to user data.
The Foreign Intelligence Surveillance Act (FISA) 702 is a United States law that grants the U.S. government the authority to access the communications of non-U.S. persons located outside the United States without a warrant. This access is intended for foreign intelligence purposes. FISA 702 has raised concerns among individuals and businesses due to its potential impact on data privacy.
As a U.S.-based company, Amazon Web Services (AWS) falls under U.S. jurisdiction, including FISA 702. This means that the U.S. government could potentially request access to data stored on AWS servers. However, AWS has implemented stringent safeguards to protect customer data and ensure that access to this data is strictly controlled.
MikroCloud has established a Data Processing Agreement (DPA) with AWS to ensure user data protection. The DPA defines the responsibilities of both parties and includes specific provisions that restrict AWS from accessing user data without MikroCloud's explicit permission.
- Limited Access: AWS is only permitted to access user data when explicitly instructed by MikroCloud, and solely for the purpose of providing services outlined in the agreement.
- Data Encryption: All user data is encrypted both in transit and at rest, ensuring that even in the event of unauthorized access, the data remains secure and unreadable.
- Strict Compliance with Data Protection Regulations: MikroCloud's DPA with AWS mandates compliance with data protection regulations such as the European Union's General Data Protection Regulation (GDPR), which sets strict standards for data protection and privacy.
- Subprocessor Restrictions: AWS is obligated to ensure that any subprocessors it employs also adhere to the data protection standards specified in the DPA.
- Audit Rights: MikroCloud retains the right to audit AWS's compliance with the DPA, ensuring that AWS abides by the agreed-upon data protection standards.
By utilizing AWS and implementing a robust DPA, MikroCloud effectively safeguards its users from potential data access under FISA 702. We are dedicated to protecting the privacy and security of our users' data and continuously strive to ensure that our infrastructure and processes align with industry best practices and global data protection standards.