from the article:
At the start of 2012, the commissioners announced plans to create a new legal environment that should make it simpler for cloud providers to offer solutions that support innovation and mobility while also providing security and data portability.
At the heart of this plan is a new approach to data protection that means it will no longer matter where the data is or where the provider is based: "In Madrid, Mumbai or Mountain View", as Kroes put it. If the customer is based in the EU, EU data protection standards will apply.
In short, says Reding, cloud service providers will need to offer "privacy by design" as standard.
for full text see here, also related article see here.
At the start of 2012, the commissioners announced plans to create a new legal environment that should make it simpler for cloud providers to offer solutions that support innovation and mobility while also providing security and data portability.
At the heart of this plan is a new approach to data protection that means it will no longer matter where the data is or where the provider is based: "In Madrid, Mumbai or Mountain View", as Kroes put it. If the customer is based in the EU, EU data protection standards will apply.
In short, says Reding, cloud service providers will need to offer "privacy by design" as standard.
for full text see here, also related article see here.
In terms of the security of the data, from a consumer point of view, it should not matter when contracting with an EU-based entity? By virtue of the data export provisions, an EU-based data controller would need to ensure adequate safeguards — although perhaps this is not enough.
ReplyDeleteSalva might have some thoughts on this — it's the subject of his dissertation!