European data protection under a cloud

Cloud computing has been hailed as a revolution that would reduce the need for capital investment and provide near unlimited computer power and storage on demand. But in recent weeks fears have grown that European data stored on the cloud could be vulnerable to foreign surveillance.

Revelations by Edward Snowden, the US contractor turned whistleblower, have underscored the shortcomings of Europe’s data protection laws in the age of the cloud, where data are stored at external data warehouses rather than on a local hard drive. As data flows across national borders at lightning speed, often existing simultaneously on servers in multiple countries, protecting and regulating transfers of data has become much more complex. Such is the concern about the security of data on the cloud in the wake of the Snowden revelations that last week Germany’s data protection authorities called for the suspension of the Safe Harbour agreement, which allows cloud providers that have self-certified their compliance with the requirements to make data transfers from the EU.