Open hour on cloud computing: from fog to secure cloud – a regulatory perspective – WS 07 2010

From EuroDIG Wiki
Jump to navigation Jump to search

30 April 2010 | 10:15-11:30
Programme overview 2010

Session teaser

Key issues that could be discussed: This workshop will address regulatory issues arising from cloud computing, more specifically concerning data protection, jurisdiction issues and the use of Service Level Agreements (SLAs). How do the traditional actors in the field of data protection (data controller, data processor and data subject) fit in the cloud and what are their duties, responsibilities and rights? Where do we stand in case of change of control of the cloud provider?

People

Key Participants

  • Kevin Fraser, Council of Europe, Consultative Committee of Convention 108
  • Paolo Balboni, Baker & McKenzie (Milan)
  • Rosa Barcelo, Legal adviser to the European Data Protection Supervisor
  • Cornelia Kutterer, Senior Policy Manager, Microsoft
  • Jean-Philippe Moiny, research fellow at the FNRS
  • Katitza Rodriguez, International Rights Director, Electronic Frontier Foundation (EFF)
  • Sophie Kwasny, Council of Europe, Directorate General of Human Rights and Legal Affairs
  • Barbara Leiner, AEGEE
  • Cristos Velasco, Director General, Ciberdelincuencia.Org and Member of the IGF Spain Advisory Group

Moderator

  • Kevin Fraser, Council of Europe Consultative Committee of Convention 108

Rapporteurs

  • Kevin Fraser, Council of Europe, Consultative Committee of Convention 108
  • Sophie Kwasny, Council of Europe, Directorate General of Human Rights and Legal Affairs

Key messages

The governance of cloud computing necessitates: clarifying the roles and responsibilities of actors; improving and facilitating international data transfers and improving certainty as to applicable law and jurisdiction; increasing transparency regarding privacy and security for customers of cloud computing services; improving consumers control over their privacy and the processing of their data (including deletion) and improved enforceability of consumers’ data protection; increasing awareness of cloud services, privacy and contractual policies; increasing legal certainty through the adoption of global privacy standards.

Messages (extended)

How can we go from fog to secure cloud?

  • Clarifying the roles and responsibilities of actors (including services provided to individuals acting in their personal capacity) through interpretation, guidance and possible revision of regulatory frameworks.
  • Improving and facilitating international data transfers and improving certainty as to applicable law and jurisdiction.
  • Increasing transparency regarding privacy and security for customers of cloud computing services.
  • Improving consumers control over their privacy and the processing of their data (including deletion) and improved enforceability of consumers’ data protection;
  • Increasing awareness of cloud services, privacy and contractual policies.
  • Increasing legal certainty through the adoption of global privacy standards.