EC plans new cloud data rules

European Union data protection laws need rapid and wide-reaching overhaul to cover increasing use of cloud services, European Commission (EC) vice president Viviane Reding claims.
Updated laws should ensure that consumers are in full control of the information they share and where they share it, businesses make security a bedrock of cloud services, and clarify how European information is shared with other global nations, Reding told a GSM Association cloud security round table yesterday.
Reding, who is also the EU justice commissioner for privacy, notes that current laws are over 15 years old, and so fail to account for new data protection scenarios raised by growing cloud adoption.
“Technological advances in 2011 represent one of the biggest challenges to data protection and data security of our citizens,” Reding states, adding that fresh data protection laws are needed to meet “these new challenges and any new situations.”
The new laws should also encourage a level playing field between businesses of all sizes. Redding notes that cloud services are already benefitting small to medium-sized enterprises by removing the need for them to maintain costly servers on-site. “Inefficient data protection rules hold businesses back,” the commissioner points out.
Redding says the protection elements outlined at the round table will form the basis of a new package of legislative proposals due in January. The commissioner also pledged to work closely with digital agenda vice president Neelie Kroes, who plans to propose a Europe-wide cloud computing strategy in 2012, because “we both believe that Europe should be in the fast lane when it comes to cloud computing,” Redding notes.