Jusletter IT

The discussion about the use of cloud services in public administration is becoming more and more of a «Gretchen question»: «Tell me, how do you feel about the cloud?» Or more precisely: «How are you doing with the challenges that come with a cloud solution?» On the one hand, there are the undeniable advantages that cloud services bring to (cantonal or federal) institutions: High and especially stable computing power can be purchased comparatively cheaply and according to need. This is an almost unbeatable argument, were it not for the unavoidable security risks associated with cloud services due to cyberattacks, the legal challenges of commissioned data processing and data processing abroad and, finally, and finally the state and socio-political questions regarding digital state sovereignty. Particularly with regard to state digital sovereignty, however, it is clear that the debate on this topic is still in its infancy. It almost seems as if the relevance of data for the functioning of the state and internal security is underestimated because data is «not tangible» – in contrast, for example, to the state’s gold reserves, whose need for protection and domestic storage is not disputed. Sandra Husi and Peter Andres take up these issues in their article and classify the risks of cloud use in a state context in terms of state policy, law and technology. There cannot be a simple «black and white solution» in the cloud context either, which is why the authors point out ways of thinking and finding solutions as to how decision-makers can fulfil their responsibilities in the cloud environment.