The continued convergence of technologies for security, information management and compliance will make possible a new level of automation for IT - and organisations will be looking to IT to guide them through the process.

There has been a constant stream of change in virtualisation technologies over the past two years.

The first wave of virtualisation focused on specific platforms and hardware such as storage, servers, networks, and desktops. As virtualisation becomes commoditised, the next wave of this technology will change the way software is delivered, managed and consumed at the endpoint, thereby improving user productivity while reducing IT complexity.

Businesses need to use virtualisation to separate out valuable information, manage it easily, protect it completely and control it automatically.

In the last two years there has been a massive information explosion.

Today organisations are dealing with petabytes of data - and the amount is growing.  The amount of stored information is growing at 50 percent a year.

Information is as distributed and mobile as today's workforce. It lives in hard-to-protect unstructured formats - e-mail, spreadsheets, and instant messages.

And as SaaS grows, customers' most sensitive data will often be found in the "cloud."

No decisions can be made by customers today about the management of that data without thinking about how they would secure it as well. We are seeing that securing information and managing information are not only converging, but also being thought about as a common process.

There are a number of key trends that will shape the future approaches customers use to manage the growing volume of information.

1. The ongoing migration from tape to disk is transforming the storage arena.

Operational control is improving - and the administrative burden and manual mishaps that often occur with tape are becoming scarcer.

Australian business needs to recognise its own interests in international privacy protection and take a more active part in the debate.

The recent partial endorsement by the Australian Law Reform Commission of the APEC approach to privacy protection of personal information that crosses national borders (see media statement of 11 August 2008) is likely to enliven public discussion of options for international privacy protection. Already, Chris Connolly has published a critique of APEC's accountability principle under which the exporter of personal information remains accountable for its privacy protection. ('Asia-Pacific Region at the Privacy Crossroads (2008)', Chris Connolly, Galexia).

It is this principle that, subject to some qualifications, has been adopted in the privacy report of the Australian Law Reform Commission. One of the qualifications is that the exporter should not be accountable where the laws of the receiving jurisdiction are rated as ‘adequate'.

Rating is to be done by the Australian Government which, under current administrative arrangements, means Senator Faulkner supported by the Department of the Prime Minister and Cabinet. Thus, the concept of ‘adequacy', which derives from the European Union's Privacy Directive, enters by the back door.

The Connolly article conveniently summarises the arguments put forward in public commentary on the APEC Privacy Framework. As the former chair of the working group that drafted the Framework, it appears to me that there are three underlying arguments, repeated in the Connolly article, that should not go unchallenged - that implementation of the Framework would be more burdensome than the EU approach, that the EU approach is the only valid one and that the Framework merely reflects the dominance of US business.

SYDNEY - As the Surveyor General of NSW, I am pleased to introduce the first of a series of discussion forums relating to spatial information. Over the next twelve months, with the assistance of Open Forum, we will initiate a series of conversations relating to spatial information.