Australian organisations destined for the cloud now have the dilemma of dealing with warrantless demands from US law enforcement as part of their due diligence, a partner at a top international law firm said.

Connie Carnabuci, a Hong Kong-based partner in global No.2 law firm Freshfields Bruckhaus Deringer, said recent cases such as the Megaupload.com arrests this week and the overreach of US anti-terrorism legislation since 2001 laid bare Australians' data.

Australian data hosted in the cloud my be subject to US law, say lawyers. Credit:Nic Walker

In a fillip for her host Macquarie Telecom, which stands to gain from promoting the idea of onshore cloud computing as it pitches for business against US data centres, Carnabuci said interpretation of the US Patriot Act was so broad it captured almost any communication or data held in the US or by Australian businesses with US "connections".

She related the story of how a Canadian Privacy Commissioner sided with US authorities to force CIBC to divulge private customer records because the bank outsourced data processing to a US company.