The European Commission has adopted a new Communication COM(2012) 529 for ‘Unleashing the potential of cloud computing in Europe’ which aims to increase the use of cloud computing within all parts of the European Union’s economy.
With the goal of boosting the European Union’s (EU) GDP, the European Commission (EC) has adopted a Communication on the use of ‘cloud computing’, the functionality of storing data (e.g., text files, pictures, audio and video) and software on remote servers that may be located all over the world and can be accessed by the user over the internet using different devices.1 Cloud computing has become very popular over the years but, at the same time, brings with it a number of challenges such as: lack of clarity on rights, responsibilities and liability; insufficient data protection standards and control mechanisms; and insufficient harmonisation across various jurisdictions.2 Therefore, cloud providers and users lack clear regulation as regards the delivery and use of cloud services and, at the same time, law enforcement agencies are struggling to identify which jurisdiction would apply to the ‘cloud’ and what rules govern moving data and software between different cloud providers.
In response to these concerns, the strategy comes forward with a set of key actions:
- Coordinating the technical standards in a way that would be more user-friendly and work for the interoperability, data portability and reversibility; necessary standards should be identified by 2013.
- Supporting EU-wide certification schemes in order to identify trustworthy cloud providers.
- Developing standard ‘safe and fair’ contract terms for cloud computing contracts including Service Level Agreements (SLA) and Binding Corporate Rules (BCR) specifically for the use of cloud providers that would enable a company or group of companies providing cloud services to use standardised and legally binding rules for international transfers.
- Investing in a European Cloud Partnership with Member States and industry to shape the European cloud market, boost the chances for European cloud providers to grow and achieve a competitive scale, and deliver cheaper and better eGovernment.3
Such policy goals are part of the EU’s bigger plan to deliver a dynamic and trusted internet environment in Europe. Moreover, the challenging issues surrounding cloud computing should play a significant role in shaping EU Member Countries’ cyber security strategies that form the basis for the EU’s preparedness in case of large-scale cyber incidents.
These developments go also hand-in-hand with the EC’s 2012 proposal to update its Data Protection rules (including replacing the Data Protection Directive 95/46/EC)4 – a complex reform that has uncovered the differences in EU Member States’ legislation regarding privacy and data protection.
- European Commission, “Digital Agenda: New strategy to drive European business and government productivity via cloud computing “,press release (IP/12/1389), December 18, 2012.http://europa.eu/rapid/press-release_IP-12-1025_en.htm
- Hawley, N. and Hann, G., “Does the EC’s cloud strategy go far enough?,” Computer Weekly, October 2012, http://www.computerweekly.com/opinion/Does-the-EUs-cloud-strategy-go-far…
- European Commission, COM(2012) 529, 27 September 2012, http://ec.europa.eu/information_society/activities/cloudcomputing/docs/c…
- European Commission, “Commission proposes a comprehensive reform of the data protection rules,” Justice-Newsroom, January 25, 2012, http://ec.europa.eu/justice/newsroom/data-protection/news/120125_en.htm