Article 29 Working Party cloud computing opinion: Blow to Safe Harbor?
The following blog excerpt on “Article 29 Working Party cloud computing opinion: Blow to Safe Harbor?” was written by the external legal counsel of the CSA, Ms. Francoise Gilbert of the IT Law Group. We repost it here with her permission. It can be viewed in its original form at: http://searchcloudsecurity.techtarget.com/tip/Article-29-Working-Party-cloud-computing-opinion-Blow-to-Safe-Harbor
The Article 29 Data Protection Working Party — which includes representatives of the data protection authorities of each of the European Union member states — recently issued an opinion on cloud computing that could impact U.S. cloud providers. The opinion, published July 2 as Document WP 196, analyzes the applicable data protection laws and obligations for companies providing, or using cloud computing services in the European Economic Area (EEA). It identifies data protection risks that are likely to result from the use of cloud computing services, and provides guidance on how to manage a cloud computing contract.
The most significant aspect of the opinion is its negative evaluation of the ability of Safe Harbor self-certification to meet the requirement of national laws implementing the 1995 EU Data Protection Directive. Read the full article.