This phrase has been around for at least 15 years, but only in a specialist way. One sense is that of a place of safety and security for electronic information, for example where encrypted copies of crucial data can be stored as a backup away from one’s place of business. But it can also mean a site in which data can be stored outside the jurisdiction of regulatory authorities. This sense has come to wider public notice recently as a result of Neal Stephenson’s book Cryptonomicon, in which the establishment of such a haven in South East Asia is part of the plot. In a classic case of life imitating art, there is now a proposal to set up a data haven on one of the old World War Two forts off the east coast of Britain, which declared independence under the name of Sealand back in 1967 (it issues its own stamps and money, for example). The idea is to get round a proposed British law — the Regulation of Investigatory Powers Bill (RIP) — that would force firms to hand over decryption keys if a crime is suspected and make Internet providers install equipment to allow interception of e-mails by the security services.
The Privacy Act doesn’t protect information from being transferred from New Zealand to data havens — countries that don’t have adequate privacy protection.
Computerworld, May 1999
The government last night poured cold water on a plan by a group of entrepreneurs to establish a “data haven” on a rusting iron fortress in the North Sea in an attempt to circumvent new anti-cryptography laws.
Guardian, June 2000