Crossroads Blog | CYBER SECURITY LAW AND POLICY

Current Affairs, Identity Management, international law, Law, Privacy

Cloud Computing Hits Snag in Europe

In an article by Kevin J. O'Brien, dated September 19, 2010, The New York Times reports that "cloud computing," which involves aggregating thousands of computer servers for increased processing power and is believed by many to be tomorrow's reality, has run up against the European Union's strict privacy laws.    

The technology's appeal for multi-national corporations and governments is obvious.  As The New York Times explains, "By bundling the processing power of thousands of computer servers, a company . . . could allow two employees from different countries who speak different languages to communicate directly by phone, using voice recognition software to process what is being said and translation programs to interpret it into another language."  If all goes well, the result is a "seamless conversation" without the need for either party to learn and speak her counterpart's language.  

Bob Lindsay, privacy director for Hewlett-Packard, said of Europe's privacy laws, "This isn't killing the business, but it is slowing it evolution, compared with what is taking place in the United States." According to The New York Times, cloud computing "has grown rapidly in the United States under a legal system that permits the sale and transfer of many forms of private data."  In contrast, Europe's privacy laws place strict limits on the movement of information beyond the borders of the E.U. and include a broader understanding of what constitutes "personal data."  The E.U. definition includes "information like names, addresses and phone numbers in phone books." 

Part of the appeal of cloud computing also has to do with the potential savings that corporations would enjoy in being able to dispense with "in-house corporate information technology departments and hardware and software purchases."  Clients of cloud computing technologies are evidently listening; Gartner, an industry research firm, estimates that "global sales of cloud services will rise 17 percent this year to $68.3 billion."   

Technology providers, including U.S.-based Mircosoft, Google, H.P., and Oracle, are lobbying European lawmakers to push for relaxed laws regulating cross-border data transfers.  Moreover, H.P. is developing encryption technology that would encrypt the outgoing data before sending it "into a cloud computing center and then decrypt it after is leaves the cloud."  

Another solution also being studied is to put the control in the hands of the individual user.  Under this model, the individual can "set the degree of privacy control on each part of their personal information in the cloud by digitally tagging bits of the data."  This approach would allow a person to "make an email address available to marketers, while shielding a phone number and street address from unwanted solicitations." H.P. is also testing a new software, called "H.P. Privacy Advisor," which mirrors this approach

According to Siani Pearson, an H.P. researcher, "The benefits and impact of the cloud are so great, and the legislative and technical issues are what they are at the moment.  (The objective) is to make sure that the benefits of the cloud come even within the existing framework."  

The full article can be found at the link above, or here.  

Leave a Reply