The complexity of data sovereignty in a multi-polar world

Issue 6 2023 Infrastructure


Andrew Cruise.

“The importance of data sovereignty and security creates complexity in a world where sharing such information across borders generates huge social and economic benefits,” says Andrew Cruise, Managing Director of Routed. It is clear that in the digital age, data sovereignty is becoming more important, as data is increasingly generated and collected through a variety of channels, including e-commerce, social media platforms and mobile devices.

Essentially, data sovereignty is a phrase that describes the principle that a country has the authority and right to govern and control the data generated within its borders. Thus, the concept of data sovereignty gives governments the power to regulate the collection, storage, processing, and distribution of any data that originates within their borders.

Obviously, this will have an impact on cross-border data flows and international data-sharing agreements. Remember that different countries adopt different data sovereignty policies, but broadly, they are about demanding that data generated within the country be kept within the borders for security or regulatory purposes.

Complicating the situation is the recognition that data access and the sharing of such information across borders generates social and economic benefits of somewhere between 2,5% and 4% of GDP. In addition, data transfers of this nature also enable a wide variety of other critical activities, such as the sharing of essential information related to crime prevention, scientific research and innovation, anti-fraud and money-laundering activities, disaster management and even climate change.

It is worth paying close attention to data sovereignty, not only from the point of view of safeguarding private data, but also to avoid liability issues related to legal violations associated with a failure to protect personal information.

A major reason for the complexity around data sovereignty is that the laws governing it vary greatly from country to country, as do cloud service providers’ agreements concerning privacy policies and user rights. Therefore, organisations operating across multiple countries or regions must understand each country’s regulations to comply with all applicable laws.

In fact, ultimately, there are multiple differing definitions of exactly what constitutes ‘data sovereignty’, and it is vital that we obtain some form of industry-wide collaboration in defining and upholding the principles of data sovereignty.

Recognising the complexities of data sovereignty, VMware notes that the answer lies in sovereign cloud deployment, as this is an option that is inherently more secure and offers better data integrity and data assurance.

To this end, VMware is making efforts to promote Sovereign Cloud Partnerships and the criteria they use to select providers, but at the same time, it seeks to limit the number of providers in each region - thus ensuring the rarity of the ‘cloud sovereignty’ badge.

Among VMware’s requirements are for such service providers to have locally sited data centres and, in terms of data security, for them to be ISO and payment card industry data security standard (PCI-DSS) compliant - both areas where Routed has met requirements.

It already segregates management networks from production networks, storage traffic from a host strategy, and even separates host traffic from public-facing web traffic. In addition, we have multi-factor authentication (MFA) in place and have been leveraging the principle of least access from the very beginning. Routed has been highly conscious of implementing security best practices on its infrastructure from the outset.

Moreover, while the company may have secured our back end, poor security measures further down the value chain, like leaving ports open on firewalls, are difficult to mitigate against. However, when it comes to issues of data resilience and data integrity, this requires that backup and replication products be available to assist in a disaster recovery scenario.

Ultimately, there is no one true definition of what data sovereignty is, but it will always entail data locality within sovereign borders, data security and data integrity.




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

From drone market growth to application-level commercialisation
IoT & Automation Infrastructure
After years of pilot projects and technology validation, the question for the market is shifting from whether drones can fly safely and collect data, to where they can deliver repeatable operational value at scale.

Read more...
AI-enabled NVR for Milestone XProtect
Surveillance Infrastructure Products & Solutions
As surveillance environments continue to grow in scale and complexity, organisations need infrastructure that is easy to deploy, simple to manage, and ready for AI-driven workloads.

Read more...
Industry perspective on industrial cybersecurity
Technews Publishing News & Events Infrastructure Industrial (Industry)
The Industrial Security Harmonization Group has released a joint industry perspective highlighting a critical truth in industrial cybersecurity: secure communication is not determined by protocols alone, but by how they are deployed and managed in real-world environments.

Read more...
Cyber resilience is the real defence
Security Services & Risk Management Information Security Infrastructure
Cyber resilience has evolved into a form of strategic agility, ensuring that when an interruption occurs, the business does not just survive; it snaps back into place before the market even notices a pause.

Read more...
Power, performance and profit
Power Management Infrastructure
Electricity remains the single largest operating cost for most data centres. In many African markets, power infrastructure is ageing or inconsistent, forcing operators to rely on backup generation to keep facilities online.

Read more...
Five signs your storage is holding you back
Infrastructure Surveillance
In the drive for business growth, organisations across South Africa are investing heavily in talent, applications, and strategy. Yet the foundational technology that underpins every digital interaction - data storage - is often overlooked.

Read more...
Service robot technology for residential complexes
Suprema AI & Data Analytics Infrastructure Residential Estate (Industry)
Suprema has signed a three-party memorandum of understanding (MOU) with Hyundai Motor Group Robotics LAB and Hyundai Engineering & Construction (Hyundai E&C) to collaborate on advancing residential complexes through service robot technology.

Read more...
Genetec launches Cloudlink 2210
Genetec Infrastructure Surveillance
New cloud-managed appliance addresses the practical challenges when adopting a cloud-managed model at scale, including storage costs, support for devices that do not enable direct-to-cloud connectivity, and the need to maintain local operation during connectivity disruptions

Read more...
Proactive estate security in Cape Town
neaMetrics OneSpace Technologies Technews Publishing SMART Security Solutions Fang Fences & Guards ATG Digital Editor's Choice News & Events Integrated Solutions Infrastructure Residential Estate (Industry)
SMART Security Solutions started the year with our annual SMART Estate Security Conference in Cape Town on 26 February 2026. Held at Anna Beulah Farm, the conference saw a number of delegates enjoying the farm’s excellent cuisine, while listening to outstanding presenters.

Read more...
AI projects are failing at alarming rates
AI & Data Analytics Infrastructure
As organisations around the world accelerate their investments in artificial intelligence, digital transformation and data analytics, a growing number of industry experts are warning that many companies are still approaching these initiatives in fundamentally flawed ways.

Read more...










While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements and company contact details are published as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material.




© Technews Publishing (Pty) Ltd. | All Rights Reserved.