Europe's Reservations About Cloud Computing

Saturday, September 04, 2010

David Navetta


Article by W. Scott Blackmer

German state data protection authorities have recently criticized both cloud computing and the EU-US Safe Harbor Framework. From some of the reactions, you would think that both are in imminent danger of a European crackdown.

That’s not likely, but the comments reflect some concerns with recent trends in outsourcing and transborder data flows that multinationals would be well advised to address in their planning and operations.

In April, the Düsseldorfer Kreis, an informal group of state data protection officials that attempts to coordinate approaches to international data transfers under Germany’s federal system, called on the US Federal Trade Commission to increase its monitoring and enforcement of Safe Harbor commitments by US companies handling European personal data. On July 23, Dr.

Thilo Weichert, head of the data protection commission in the northernmost German state of Schleswig-Holstein (capital: Kiel), issued a press release provocatively titled “10th Anniversary of Safe Harbor – many reasons to act but none to celebrate.”

Dr. Weichert cites an upcoming report by an Australian consultancy (Galexia) asserting that hundreds of American companies claiming to be part of the Safe Harbor program are not currently certified, and that many Safe Harbor companies fail to provide information to individuals on how to enforce their rights or refer them to costly self-regulatory dispute resolution programs.

Dr. Weichert urges a radical solution: “From a privacy perspective there is only one conclusion to be drawn from the lessons learned – to terminate safe harbor immediately.”

Dr. Weichert also attracted international attention with another press release issued this summer, entitled (translating loosely) “Data protection in cloud computing? So far, nil!” The press release refers to his recently published opinion on “Cloud Computing und

Datenschutz,” which is deeply skeptical about the ability of cloud customers to assure compliance with European data protection laws.

Cross-posted form InfoLawGroup

Possibly Related Articles:
Cloud Security
Government Cloud Computing
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.