When it comes to safety and privacy for electronic communications data, location is everything

Global Relay’s Senior Writer for Due Diligence, Vince Mendoza, reflects on the importance of location when storing electronic communications data.

12 December 2022 4 mins read
by Jennie Clarke

Selecting a place in which to store electronic communications data is somewhat like choosing where to build or buy a house: it’s all about location. Just as a property’s location determines its present value – and can help protect its future one – where a firm stores its data will essentially define the level of safety, privacy, and protection it will enjoy now and in the future.  

Firms need to consider a number of critical factors when deciding on a location for their electronic communications data, among which:

– Does the host country have strong regulations governing data collection, access, and use?

– Does it enjoy a level of stability, as well as safety, from geopolitical risks and natural disasters?

– Does the data archiving company maintain appropriate data security, availability, processing integrity, and confidentiality controls?

– Does it have a reliable disaster recovery and business continuity plan?

The importance of data cannot be overstated – nor can the exigency of storing it securely. Accordingly, organizations should explore all conceivable threat options through thorough risk analysis before committing.  

Canada’s strict data privacy and protection regulations – and Global Relay’s strong and comprehensive technical controls – make them the perfect environment for data storage.

Why Canada for electronic communications data?

It’s a globally recognized data-safe zone

Canada offers financial services firms across the globe several advantages related to data processing, storage, and management. Recognized by much of the world as a “data-safe zone,” Canada has stringent privacy laws such as the Personal Information Protection & Electronic Documents Act (PIPEDA) governing the way personal information may be collected, used, and disclosed.

After twice auditing PIPEDA, the European Commission determined that Canada provides an adequate level of protection to data transferred from EU countries and Norway, Liechtenstein, and Iceland. The European Commission’s adequacy decisions, including for Canada, remain valid under the General Data Protection Regulation (GDPR).

If that wasn’t reason enough, Canada falls within the scope of U.S. data requirements too, so your electronic communications data is compliantly held across borders. While neither the U.S. Securities and Exchange Commission (SEC), nor the Financial Industry Regulatory Authority (FINRA), has express requirements for where electronic communication records must reside, both regulators require financial services firms to preserve their records for specified retention periods, the first two years of which should be in an easily accessible place. This makes Canada the ideal location for American financial firms to host their data.

Why Global Relay for electronic communications data?

It’s your trusted compliance archiving partner

The numbers speak for themselves: over 20,000 customers in 90 countries, including 22 of the world’s largest banks, trust Global Relay with their compliance recordkeeping and supervision requirements. The numerous firms that have elected to store their data on Canadian soil recognize Global Relay as the only viable archiving service provider.

Global Relay hosts the majority of its customers’ electronic communications data in two mirrored Canadian data centers (we also maintain American data centers for customers with U.S. storage requirements). These facilities, along with our archiving platform, undergo annual SOC 2 audits, while our internet-facing systems go through penetration testing (“ethical hacking”). We maintain a comprehensive disaster recovery/business continuity plan, which is also tested annually.

Multinational firms typically have complex needs and expectations owing to local and national laws. With 95% of our business involving trans-border data flow, Global Relay routinely helps customers move their electronic communications data across international borders to meet compliance obligations. Customers can search and retrieve their data 24x7x365 – an invaluable capability during audits, investigations, and even litigation.

Organizations are understandably anxious about the security and privacy of their data, concerned as much about who’s hosting it as where it’s being stored. Global Relay data centers’ Canadian location – and our excellent record of zero security/privacy breach throughout our 20+ year tenure – provides firms with the peace of mind they seek.


This article is subject to Global Relay’s Policies and Terms of Use and does not constitute legal or compliance advice.

If you’d like to learn more about Global Relay’s green data center, or how we can seamlessly empower you to archive and manage your electronic communications data, get in touch.