Having joined Colt in 2008, Steve Hughes is the leading Cloud and Virtualisation specialist for Colt Enterprise Services. Catch up with Steve’s latest views at http://www.twitter.com/coltandthecloud.
Recently at the Tier1 Research Hosting and Cloud Transformation Summit in London, I sat on a panel discussing the EU legal and compliance landscape with the CTO EMEA of Microsoft, Stephen McGibbon, Digital Realty Trust VP Adam Levine, Hogan Lovells’ Partner, Conor Ward and Tier1’s Daniel Beazer.
Within the last few weeks, Hogan Lovells has published a further paper on this issue, specifically regarding the Patriot Act and its equivalents in Europe entitled “A Global Reality: Governmental Access to Data in the Cloud”. The White Paper is a very good read. It challenges the frequently-expressed assumption that the United States is alone in permitting governmental access to data for law enforcement or national security reasons. It examines the laws of ten countries, including many in Europe, with respect to governmental authorities’ ability to access data stored in or transmitted in those countries, and documents the similarities and differences among the various legal regimes.
The conclusion is that US requirements are not that different from the rest of the world. As the report says “Governmental access to data stored in the Cloud – including cross-border access – exists in every jurisdiction”.
On the other side of the pond, critics of the EU's data protection regime like to characterise it as a form of protectionism designed to make entry into the European markets difficult for outsiders. But concerns about this and the Patriot Act were succinctly put into context by Conor Ward at the Tier1 panel session. According to Ward, it has more in common with the practise of hiding behind Health and Safety as a reason for inactivity - a blanket excuse not to perform a difficult or inconvenient task.
He argued that scaremongering is rife in the market, pointing out that cloud computing is not unique or new and neither are privacy issues. Likewise, offshore and outsourcing are decades old. He went on to state there is nothing new, unreasonable or onerous about the regimes currently in place; outsourcing has existed for decades and therefore the legal framework that surrounds moving data is relatively mature.
No comments on 'Are we hiding behind data protection? Is it the new health and safety?' Be the first to comment