Feeds

Lib Dems: Gov must look at security of public data cloud

Keeping stuff outside UK could erode citizens' rights

Reducing the cost and complexity of web vulnerability management

The Liberal Democrat party has said that the government should investigate the potential for abuse of data owners' rights if private companies hosted public data outside the UK. The junior Coalition partner raised the issue in in its Policies for Information Technology paper.

"Cloud computing is an area where, if [it is] left unchecked, there is serious potential for abuse – for example, large corporations taking control of enormous quantities of public or private data outside the reach of national law," the paper (21-page/131KB PDF) said.

"Cloud is only attractive if it embodies the principles on privacy and data ownership, access, project management and procurement that we have set out elsewhere in this paper. We recommend that as a matter of urgency, the Government consider the security issues involved with cloud computing, particularly regarding data location and segregation," it said.

Cloud computing refers to the storage of files and programs on an internet-based network rather than on local computing resources. It allows internet users to access or store information without owning the software required to do so and many online companies, such as Google, operate huge servers that store the data and deliver it to users.

The Lib Dems said that the UK should work with other governments and international bodies to help establish a watchdog regime for cloud services. The party said it believed industry bodies were best placed to regulate content on the internet. It suggested that, where the organisations are not dealing with illegal material, their "processes" should be transparent and their operations overseen by the UK's communications regulator, Ofcom.

Earlier this year the European Commission held a consultation looking into the issue of cloud computing. The Commission appeared to be considering measures to help standardise terms and conditions for using cloud services. The consultation asked it if it would be "useful" to establish "model Service Level Agreements or End User Agreements" within contractual agreements for cloud services.

The consultation, which closed at the end of August, asked respondents to specify updates the Commission could apply to the EU Data Protection Directive "that could further facilitate cloud computing while preserving the level of protection". A Commission spokesperson told Out-Law.com earlier this week that new proposals for EU data protection laws would be announced within the next six months.

The Commission is expected to announce a European cloud computing strategy next year and aims to "clarify the legal conditions for the take-up of cloud computing in Europe, stimulate the development of a competitive European cloud industry and market, and facilitate the roll-out of innovative cloud computing services for citizens and businesses," it said in a statement in May.

Cloud computing providers often detail the jurisdiction in which data is held in contract terms, but a judge in the High Court last year ruled that a company is responsible for "making available" internet-hosted material in the country where its host server is based, not in the country where the material is read or used.

Copyright © 2011, OUT-LAW.com

OUT-LAW.COM is part of international law firm Pinsent Masons.

Reducing the cost and complexity of web vulnerability management

More from The Register

next story
Wanna keep your data for 1,000 YEARS? No? Hard luck, HDS wants you to anyway
Combine Blu-ray and M-DISC and you get this monster
US boffins demo 'twisted radio' mux
OAM takes wireless signals to 32 Gbps
Apple flops out 2FA for iCloud in bid to stop future nude selfie leaks
Millions of 4chan users howl with laughter as Cupertino slams stable door
No biggie: EMC's XtremIO firmware upgrade 'will wipe data'
But it'll have no impact and will be seamless, we're told
Students playing with impressive racks? Yes, it's cluster comp time
The most comprehensive coverage the world has ever seen. Ever
Run little spreadsheet, run! IBM's Watson is coming to gobble you up
Big Blue's big super's big appetite for big data in big clouds for big analytics
prev story

Whitepapers

Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.