Cloud Safety and Privacy in Europe

Similar documents
Cloud Security Trust Cisco to Protect Your Data

The Future of Cloud Computing: Elasticity, Legacy Support, Interoperability and Quality of Service

EuroCloud Star Audit. A strong partnership that provides you with a competitive advantage

CCBE RESPONSE REGARDING THE EUROPEAN COMMISSION PUBLIC CONSULTATION ON CLOUD COMPUTING

The PerspecSys PRS Solution and Cloud Computing

Boosting Productivity and Innovation Through. Public Sector Compliant Cloud Services

Secure Data Sharing and Processing in Heterogeneous Clouds. Bojan Suzic, Graz University of Technology

The NREN cloud strategy should be aligned with the European and national policies, but also with the strategies of the member institutions.

Align Technology. Data Protection Binding Corporate Rules Controller Policy Align Technology, Inc. All rights reserved.

FTP-Stream Data Sheet

Strategic approach to cloud computing deployment

THE CLOUD: OPPORTUNITIES AND ISSUES

The role of standards in driving cloud computing adoption

Claranet cloud market report 2011

Cloud Computing. by Civic Consulting (research conducted October 2011 January 2012)

BRITISH COUNCIL DATA PROTECTION CODE FOR PARTNERS AND SUPPLIERS

Cloud Computing. Bringing the Cloud into Focus

Topics. Images courtesy of Majd F. Sakr or from Wikipedia unless otherwise noted.

Cloud Computing; What is it, How long has it been here, and Where is it going?

Data Privacy in the Cloud E-Government Perspective

Cloud Computing Risk and Rewards

Indicative Requirements for Cloud Service Providers. connect communicate collaborate

How to handle data privacy issues in the car industry

Cloud Computing: Contracting and Compliance Issues for In-House Counsel

SATURDAY, FEBRUARY 28, 2015 CLE 10 (Ethics) 9:30 a.m. 10:30 a.m. Moving to the Cloud - Identifying & Managing Legal, Ethical and Compliance Risks

Securing the Cloud with IBM Security Systems. IBM Security Systems IBM Corporation IBM IBM Corporation Corporation

CLOUD COMPUTING Contractual and data protection aspects

The State of Data Security Intelligence. Sponsored by Informatica. Independently conducted by Ponemon Institute LLC Publication Date: April 2015

The problem of cloud data governance

Managing Cloud Computing Risk

Private Clouds. Krishnan Subramanian Analyst & Researcher Krishworld.com. A whitepaper sponsored by Trend Micro Inc.

INTRODUCTION TO CLOUD COMPUTING CEN483 PARALLEL AND DISTRIBUTED SYSTEMS

Cloud Computing Risks in Financial Services Companies: How Attorneys Can Best Help In An Increasingly SaaS-ified World

Microsoft s cybersecurity commitment

Smart Borders and Law Enforcement Access: Legitimacy, Effectiveness, and Proportionality

A Comparison of PaaS clouds with a Detailed Reference to Security and Geoprocessing Services

The Data Melting Pot Computing in the Cloud. Becky Pinkard Manager, Security Operations Centres Research In Motion

HARNESSING THE POWER OF THE CLOUD

Align Technology. Data Protection Binding Corporate Rules Processor Policy Align Technology, Inc. All rights reserved.

Cloud Computing for Forest Fire Management. Dr. Nikos Athanasis, Prof. Kostas Kalabokidis University of the AEGEAN

Cloud Vendor Benchmark 2014 A Comparison of Software Vendors and Service Providers

Cloud computing: benefits, risks and recommendations for information security

Microsoft Pty Ltd. Australian Financial System Inquiry: Response to request for further submissions

CONTROLLING DATA IN THE CLOUD: OUTSOURCING COMPUTATION WITHOUT OUTSOURCING CONTROL

Government Use of Cloud Computing Legal Challenges

Digital Agenda for Europe Cartagena de Indias, September 1, 2015

Katerina Apostolaki, Marketing Manager

CLOUD COMPUTING FOR SMALL- AND MEDIUM-SIZED ENTERPRISES:

Governance and the cloud

Cloud Computing Risks & Reality. Sandra Liepkalns, CRISC sandra.liepkalns@netrus.com

Allison Stanton Director of E-Discovery U.S. Department of Justice, Civil Division

Tufts University. Department of Computer Science. COMP 116 Introduction to Computer Security Fall 2014 Final Project. Guocui Gao

Cloud Computing in Higher Education: A Guide to Evaluation and Adoption

Cloud Computing Security Considerations

Questionnaire on the European Data-Driven Economy

Second Cyber Security Summit, November 11, 2013 in Bonn Final communique

Type of Personal Data We Collect and How We Use It

CHOOSING THE RIGHT CLOUD COMPUTING SOLUTION FOR YOU

PRIVACY & DATA PROTECTION ANNUAL REPORT

AARNet submission to the Australian Computer Society Cloud Protocol Discussion Paper. James Sankar, Alex Reid August 2013

White Paper on CLOUD COMPUTING

International Working Group on Data Protection in Telecommunications

A clearer view. Security, compliance, and the cloud

Big Data Analytics Service Definition G-Cloud 7

Personal information, for purposes of this Policy, includes any information which relates to an identified or an identifiable person.


Moving Applications To Cloud

How to Choose a Cloud Backup Delivery Platform.

Increase transparency & control for user (personal) data Strenghten applicability of EU law - limit abuse of jurisdiction ( forum shopping )

How To Protect Your Cloud Computing Resources From Attack

CRN Cloud Computing Forum Tips for Choosing the right cloud partner

PRESENTATION TOPICS 2/27/2014. Why Update Policies? 21st Century Best Practices for Information Governance & Policies. Why update policies??

BUSINESS MANAGEMENT SUPPORT

Mobile Devices Policy

Acquia Comments on EU Recommendations for Data Processing in the Cloud

Astaro Services AG Rheinweg 7, CH-8200 Schaffhausen. Supplementary data protection agreement. to the license agreement for license ID: between

Statement of Procurement Conduct

Emerging legal issues in Cloud Computing Clouds on the horizon?

The NREN s core activities are in providing network and associated services to its user community that usually comprises:

How To Decide If You Should Buy Cloud Computing For Government

A guide to affilinet s tracking technology

What Every User Needs To Know Before Moving To The Cloud. LawyerDoneDeal Corp.

Intel Enhanced Data Security Assessment Form

NATO s Journey to the Cloud Vision and Progress

AskAvanade: Answering the Burning Questions around Cloud Computing

Cloud Computing Flying High (or not) Ben Roper IT Director City of College Station

TO GAS TRANSMISSION OPERATOR GAZ-SYSTEM S.A.

Office of the Chief Information Officer

Privacy in the Cloud A Microsoft Perspective

OWASP Chapter Meeting June Presented by: Brayton Rider, SecureState Chief Architect

Time better spent. Take your organisation somewhere new with Fujitsu Mobile Business Solutions. Reshaping ICT, Reshaping Business

Public Clouds. Krishnan Subramanian Analyst & Researcher Krishworld.com. A whitepaper sponsored by Trend Micro Inc.

CLOUD COMPUTING An Overview

Cloud-Security: Show-Stopper or Enabling Technology?

What Is The Cloud And How Can Your Agency Use It. Tom Konop Mark Piontek Cathleen Christensen

Privacy and security in the cloud

Overview. What are operational policies? Development, adoption, implementation

WWRF Cloud Implications to Security, Privacy, and Trust

Transcription:

EU-anchored Cloud Technological solution for the legal and political problem Primarily for (semi-)governments and academia Valer Mischenko (NLnet Foundation, Amsterdam)

Shiny side cost reduction scalability accessibility location independency reliability elasticity CONVENIENCE +++ Dark side privacy is not guaranteed deletion of data is unthinkable (potential) abuse of data vendor lock-in (private APIs) audit is not possible (closed APIs) intransparent security intrusion of third parties / data capture unobservable legal uncertainty in case of 'issues' NO CONTROL

Europe has problems with Cloud Report of Directorate-General for Internal Polices of the EP Fighting cybercrime and protecting privacy in the cloud : The challenges of privacy and data protection in a cloud context are clearly underestimated, if not ignored American FISAA:... has very strong implications on EU data sovereignty and the protection of its citizens rights Data Protection offences should be recognized as a type of Cybercrime

Usability of cloud Freedom of choice Social and legal responsibility Consumer Corporate Government and academia How to help the most disadvantaged?

How to approach? Data-Logistic Company: exclusively within the EU bound exclusively to the EU laws data transport, storage and processing transparent: open code and procedures Fair Cloud foundation Min 51% shares with the foundation on the top unsellable profit to the foundation for mission assurance & technology improvement EU Data Logistic Ltd

Market proposition Guarantee! Subject only to the EU laws Guarantee! The company does not change course and continues to do what it promised Processing of data strictly separated from storage The company does not know what data is stored, only the (temporary) location of the data EU Data Logistic Ltd

Market place Volume: ~10 bln public services in the EU in 2013 Growth: with duble figures per year (18,5% in 2013) Revenue sources: data-logistic services enabling client side processing encryption

Use of open technological paradigms Encryption Unhosted HTML5 + NoScript transparent no lock-in open where possible

Encryption With end-to-end encryption some sharing functionality to be reviewed Sharing and encryption still possible, but difficult for 'normal' user should really be simple Difficult to revoke access to data if keys were already issued Possibly other problems that we can not overlook now Even if encryption problems are resolved, European cloud is indispensable as other attacks possible besides those on data content Therefore you better keep your data within one legal zone!

There were legal ambiguities Is a purely European cloud legally possible? I.e. where only the EU legislation applies? Is it possible for the EU governments to use such purely European service provider in their procurement process? Is it possible for the EU governments to exclude non-eu suppliers from the procurement process on the basis of non-compliance with the EU-laws? Research results of the University of Tilburg : Yes! Yes! Yes!

Results of the University of Tilburg research: 3 x Yes under conditions that: All cloud computing services are being provided within the EU The service providers and subcontractors have EU nationality Operate only within the EU In this case, the governments comply with the (European) conditions for procurement The way to building a genuine European cloud is free now

EU future in the Cloud? One week ago on Dutch television, Judith Sargentini, member of the European Pariament: We, Europeans, can only guarantee our sovereignty with EuropaCloud. Meaning an ecosystem of rules, services and providers which embodies what we Europeans find important: data protection, privacy, freedom of expression, transparency, decentralized storage and energy efficiency. We can use these values as a unique selling point.

EU future in the Cloud? The very last sentence of the report Fighting cybercrime and protecting privacy in the cloud : A target could be that by 2020, 50% of EU public services should be running on Cloud infrastructure solely under EU jurisdictional control.

This is an invitation to NRENs: What's needed: Let's build the EU-anchored Cloud Participate in setting up the Fair Cloud Foundation Development of a data logistics platform EU-wide set up and testing Commercially available storage and processing power What you get: Usage of trully European cloud Funds from the Fair Cloud Foundation Sale of excessive storage and processing Fame :-)

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information