The decision is all the more surprising given the extent of talk in government circles these days about keeping Australia safe online and guarding the country's secrets.
That only six companies had been certified as Protected cloud providers thus far is testimony to the strictness of the criteria laid down to gain this status. It involved a great deal of expenditure and also a lot of patience; additionally, there was a need for cloud providers to have well-qualified people on board so that the technical requirements could be met in their entirety.
But though the decision was announced on Monday, it has been in the making officially since July last year, as announced by the ASD and the Digital Transformation Agency. Informed sources have told iTWire that the decision was driven by the ASD's desire to avoid being the fall guy for any mix-up in certification.
With the ASD withdrawing from the certification role, each cloud provider will now have to approach each government agency and convince the latter of their suitability to handle a given task for which they are bidding. Each agency will have its own specific requirements based on the nature of what it is looking to outsource.
Self-regulation will, no doubt, be cheaper for the cloud providers, but any extra expense under the old rules that lesser-known companies incurred to get certified was more than compensated for by the amount that government contracts are worth.
Under the scenario that takes effect now, bigger companies will have a distinct advantage in gaining government contracts - even though one of the stated reasons for the change is to give smaller firms a chance to compete for the big money paid out by the government. The old saying "one never got fired for buying IBM" will come to dominate transactions.
Given that, it is unlikely that local cloud providers, who look to cash in on government work, will be happy with the change. The responsibility they have to bear will be increased a thousandfold and there will be no set criteria and an inspector to catch any shortcomings.
Instead, there will be something akin to a free-for-all which will certainly not make Australia's top-secret data safer. As with many things, it looks very much as though the government says one thing in public, and then does precisely the opposite.