Let’s work  together now
09 Nov 2017 – 16:29 | No Comment

As extremists are increasingly using the internet to radicalise the vulnerable and marginalised online with their poisonous ideology, the European Commissioner for the Security Union, Julian King raises the bar in Europe’s fight against online …

Read the full story »
International

EU Health

Transport

Circular Economy

Climate Change

Home » Policy

EU-Wide Cloud Computing Strategy

Submitted by on 09 Mar 2012 – 15:51

EU-Wide Cloud Computing Strategy

By Vice-President Viviane Reding, European Commissioner, Member of the European Commission responsible for Justice, Fundamental Rights and Citizenship

Into the cloud!

There are enormous benefits to storing digital files on remote servers and retrieving them via the internet: we can save space, time and money. Cloud computing is an opportunity for people, business and the economy as a whole.

The impact of the cloud goes beyond reducing IT costs and improving business efficiency. Cloud computing combined with web-based and mobile applications are preparing the ground for new European start-ups that will play a positive role in the IT landscape. Companies of all sizes and government institutions will achieve new levels of productivity and innovation. The cloud and web services industries will be a key source of new jobs and will help make great gains in major healthcare, education and social issues. Surveys show that most companies in Europe have a cloud strategy or are moving key applications to the cloud. Recently a major Spanish bank announced that it moved all the office productivity tools of its employees to the cloud.

Cloud computing also has societal and legal impacts especially when personal data is processed. The data is not stored anymore in that company, but on remote servers. These servers might operate under a different jurisdiction than the company. As data is everywhere, in some cases several sets of rules, including foreign ones, can apply.

Protecting your information in the cloud

Although Cloud computing works adequately within the current rules in Europe, there are still limitations. The diversity of rules, the complexity of international transfers, and the administrative burdens of processing personal data hold back a more dynamic development of this key industry. If something goes wrong – for instance if there is a data breach – it is not always clear which rules should apply. In the end consumers and companies face too many uncertainties, and many projects are delayed or not properly realised.

The EU data protection reform of this spring is a decisive step in making the shift to the cloud easier and safer.

The current data protection Directive dates back to 1995. In 1995, the internet had only 100,000 websites, there were no mobile applications, and the paper based yellow pages were just starting their migration to the internet.

Obviously technology has evolved, and we enjoy a wealth of new services to communicate better with our relatives, our friends and business partners over the internet.

It might be less visible but data protection has also progressed a lot. Data protection authorities have developed binding corporate rules, to facilitate international transfers of personal data within a corporate environment. They have also developed methodologies and guidelines to carry out privacy impact assessments, and to ensure that all risks related to processing operations are covered in the analysis. Data protection officers (DPOs) who barely existed in 1995 are now a recognized profession all over the world. There are more than four thousand DPOs in France, and tens of thousands in Germany.

All these innovations should be based on solid legislation. I want a single set of data protection rules applicable to all individuals and businesses in Europe. To make it easier for companies to comply with the rules, the European Commission intends to provide a ‘one stop shop’ for businesses. Our reforms will bring legal certainty and a harmonised set of rules which will encourage investments in cloud computing. There will be clear rules for international data transfers and for contractors processing data on behalf of their customers, such as cloud computing providers.

We should not underestimate the risks in the cloud where millions of people’s data is stored. We see internet companies that hold vast quantities of personal data increasingly come under attack from hackers. We have also seen data breaches on major online gaming services that have affected millions of users. These data breaches should be avoided at all cost, as they seriously affect people’s trust in the Internet.

That is why, under the European Commission’s proposals, businesses will have to pay utmost attention to individuals’ rights, to the security of information and to privacy by design. Privacy impact assessments should be conducted at the early stages of the development of a new product or service. Privacy policies shall be made binding and enforceable by binding corporate rules. The real winners will be those companies and service providers – no matter where they are from – that understand the competitive advantage of built-in privacy features.

The cloud in the future

You can also rest assured that the European Commission will not stop its work on cloud computing after our data protection reform proposals. My colleague, Vice-President Neelie Kroes has confirmed that she will propose a European Cloud Computing Strategy in 2012. We have just completed thorough consultations with stakeholders. The first concrete announcements will follow soon. For the strategy to succeed, the support of the European Parliament and Council for the Commission’s reform of EU data protection legislation will be essential. I am working closely with Neelie Kroes on this. We are clear that Europe should be in the fast lane when it comes to cloud computing.