Bah! No NSA-proof Euro cloud gang. Cloud computing standards will 'aid data portability'
European Commission ropes in ETSI, plans to look at copyright issues
New cloud computing standards to be developed within the EU should facilitate users' ability to transfer data and services between cloud providers, MEPs have said.17 Dec 2013
Cloud computing TMT & Sourcing Outsourcing TMT Advanced Manufacturing & Technology Services
The European Parliament has backed a new resolution on cloud computing in response to actions the European Commission has set out under its cloud computing strategy. The Commission has engaged the European Telecommunications Standards Institute (ETSI) to help set out what new standards are required for the way that cloud services work.
Standards that could be formed may relate to data security, interoperability and data portability, the Commission said previously.
In their new resolution, MEPs welcomed ETSI's participation in the standard setting process and added that the standards being created "should enable easy and complete data and service portability, and a high degree of interoperability between cloud services, in order to increase rather than limit competitiveness".
The resolution also set out the Parliament's view that cloud providers should be said to be 'data controllers' under EU data protection laws where they benefit from an "imbalance" in the contract terms that allows them to set "the purposes, conditions and means" by which data stored on its servers is processed. Where such a situation applies, cloud providers should "become jointly liable with the customer" in relation to their data protection obligations, it said.
The MEPs also used the resolution to call on the Commission to establish clear laws on how copyright applies in the context of the cloud. It said that rights holders should enjoy "fair compensation for the use of their work" in the cloud, but questioned whether it is appropriate to impose levies on those services to account for private copying. Some EU countries apply private copying levies to some physical recording and storage media to ensure rights holders are compensated fairly for private copying undertaken by consumers.
The Commission should "investigate the different types of cloud computing services, how the cloud storage of copyrighted works affects the royalties systems and, more specifically, the ways in which private copying levies that are relevant for certain types of cloud computing services are imposed," the resolution said.
The MEPs also expressed disappointment that the Commission's cloud computing strategy did not account for "collateral aspects such as the energy consumption of data centres and related environmental issues".
In response to reports about alleged US surveillance of data stored by some major US technology companies, including cloud providers, MEPs also called for the Commission to lay out new guidelines for businesses on how they can "ensure full compliance with the EU’s fundamental rights and data protection obligations".
They also called for the Commission to set "limitative conditions under which cloud data may or may not be accessed for law enforcement purposes, in compliance with the EU Charter of Fundamental Rights and with EU law".
Copyright © 2013, Out-Law.com
Out-Law.com is part of international law firm Pinsent Masons.
Sponsored: Becoming a Pragmatic Security Leader