Feeds

Lib Dems: Gov must look at security of public data cloud

Keeping stuff outside UK could erode citizens' rights

Gartner critical capabilities for enterprise endpoint backup

The Liberal Democrat party has said that the government should investigate the potential for abuse of data owners' rights if private companies hosted public data outside the UK. The junior Coalition partner raised the issue in in its Policies for Information Technology paper.

"Cloud computing is an area where, if [it is] left unchecked, there is serious potential for abuse – for example, large corporations taking control of enormous quantities of public or private data outside the reach of national law," the paper (21-page/131KB PDF) said.

"Cloud is only attractive if it embodies the principles on privacy and data ownership, access, project management and procurement that we have set out elsewhere in this paper. We recommend that as a matter of urgency, the Government consider the security issues involved with cloud computing, particularly regarding data location and segregation," it said.

Cloud computing refers to the storage of files and programs on an internet-based network rather than on local computing resources. It allows internet users to access or store information without owning the software required to do so and many online companies, such as Google, operate huge servers that store the data and deliver it to users.

The Lib Dems said that the UK should work with other governments and international bodies to help establish a watchdog regime for cloud services. The party said it believed industry bodies were best placed to regulate content on the internet. It suggested that, where the organisations are not dealing with illegal material, their "processes" should be transparent and their operations overseen by the UK's communications regulator, Ofcom.

Earlier this year the European Commission held a consultation looking into the issue of cloud computing. The Commission appeared to be considering measures to help standardise terms and conditions for using cloud services. The consultation asked it if it would be "useful" to establish "model Service Level Agreements or End User Agreements" within contractual agreements for cloud services.

The consultation, which closed at the end of August, asked respondents to specify updates the Commission could apply to the EU Data Protection Directive "that could further facilitate cloud computing while preserving the level of protection". A Commission spokesperson told Out-Law.com earlier this week that new proposals for EU data protection laws would be announced within the next six months.

The Commission is expected to announce a European cloud computing strategy next year and aims to "clarify the legal conditions for the take-up of cloud computing in Europe, stimulate the development of a competitive European cloud industry and market, and facilitate the roll-out of innovative cloud computing services for citizens and businesses," it said in a statement in May.

Cloud computing providers often detail the jurisdiction in which data is held in contract terms, but a judge in the High Court last year ruled that a company is responsible for "making available" internet-hosted material in the country where its host server is based, not in the country where the material is read or used.

Copyright © 2011, OUT-LAW.com

OUT-LAW.COM is part of international law firm Pinsent Masons.

Secure remote control for conventional and virtual desktops

More from The Register

next story
The Return of BSOD: Does ANYONE trust Microsoft patches?
Sysadmins, you're either fighting fires or seen as incompetents now
Microsoft: Azure isn't ready for biz-critical apps … yet
Microsoft will move its own IT to the cloud to avoid $200m server bill
Oracle reveals 32-core, 10 BEEELLION-transistor SPARC M7
New chip scales to 1024 cores, 8192 threads 64 TB RAM, at speeds over 3.6GHz
US regulators OK sale of IBM's x86 server biz to Lenovo
Now all that remains is for gov't offices to ban the boxes
Object storage bods Exablox: RAID is dead, baby. RAID is dead
Bring your own disks to its object appliances
Nimble's latest mutants GORGE themselves on unlucky forerunners
Crossing Sandy Bridges without stopping for breath
A beheading in EMC's ViPR lair? Software's big cheese to advise CEO
Changes amid rivalry in the storage snake pit
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Top 10 endpoint backup mistakes
Avoid the ten endpoint backup mistakes to ensure that your critical corporate data is protected and end user productivity is improved.
Top 8 considerations to enable and simplify mobility
In this whitepaper learn how to successfully add mobile capabilities simply and cost effectively.
Rethinking backup and recovery in the modern data center
Combining intelligence, operational analytics, and automation to enable efficient, data-driven IT organizations using the HP ABR approach.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.