Gadgets with Time/Compatibility

This is a summary highlighting one of the numerous ways, the rapid innovation of technology is fighting against the Law. All expressed here is written by Noah Adjonyo and thereby His views drawn out from various sources some of which are not listed.

Introduction

Cloud Computing has revolutionised the way in which data is been processed, transacted upon, stored and accessed, all of which can happen in a very big, fast, robust and dynamic way within and across jurisdictions.

The EU, UK and the United States have their own customary data protection law each acting alien to each other at some stage.

While the UK has a specific data protection laws that task cloud data owners to protect their law the EU Data protection act attempts to establish both the term “Controller” and “Processor” where the first could be likened to be  Google as a search giant, while the later Google as a Cloud Service provider. Now the issue is that depending on the incident companies can choose to identify themselves as controllers or processors just as it fits them best, hence, Stricter data protection rules.

 Main Player's role in Data protection

Years ago, after which the USA has seen a rapid increase in Cloud Computing investment and development, the French government invested a huge amount of money for France’s Cloud computing development in-house and called on the EU to do likewise so as not to be held hostage to US companies who has saturated the Cloud computing. Market Adoption of cloud computing has increased first from the US over the years and likewise recently in Europe as some years ago saw reasons to invest, albeit, late and this presents its challenges.

Complication of Data Protection rules

One incident that sparked even further review and intensification of the EU data law was, when a in Spain, a user found on the web, content about him and a case that has been resolved years ago, He filed to the Spanish authority to rake down the content, but as Google attempted to pull away the Spanish authority referred to the EU Justice and her data protection law, to verify if Google can be pinned down to erase such data. This incident saw the rise of another new law last year themed “Right to be forgotten”. As much as this is good, the law in a broader scope will add much more complexity to European adoption of CC, though the law is subject to;

·         Burden of proof:

·         Individual case by case review:-Every case will be judged on its own individual merit, meaning request

·         Delivering notice to 3^rd partied about content that has to be erased.

It will still have to face many huddles when it involves Data stored across servers outside the EU.

One of the content of the EU Data protection rules includes a 24hour security breach notification that must be sent to the client. The call for alarm here is that in most cases, you usually do not know if you have been compromised or not.

Applicability of the EU Data Protection Act

Before I go on to explain let me place some background info. There is a US law called Foreign Corrupt Practice Act (FCPA), this act binds any US company carrying out business beyond the borders of USA to the USA’s corruption charges. Canada has charged her companies not to store and CC data on US cloud as it will be vulnerable to USA Patriot Act.

Now similarly, the EU has arranged their law to act such (FCPA concept) that it will be applicable all over EU in oneness. This means that both EU’s Right to be forgotten, Right to Data portability, and the key points of the act will be applicable to an EU company involved with a Data stored in a Non-EU state. The USA has a similar concept but more liberal.

While the in its own context, is still very difficult to implement EU-wide, another huge case arises when it involves an EU company’s data stored in another state e.g the US and vice versa like the case below:

• Last year 2014, the USA issued a search warrant to Microsoft (MS) to retrieve data of an email of an individual stored in an MS Data centre in Ireland. Though there is an EU-US Safe Haven agreement, MS refused to allow the US access the documents, after much late last year the Irish Government stepped up to issue an Amicus Brief against the USA. The Bone of contention here is;
• US needs to facilitate an investigation,
• MicrosoftS needs to protect her client’s data to gain respect,
• Irish Government sees the USA as stepping out of their boundary.
• There is a standoff between microsoft, Ireland and the US.

From the above,  it is discovered that the complexity of the slow-paced laws in numerous states will cause even more issue for SMEs and businesses who wants to take advantage of CC. As immensely affected by the Globalised flow of data, a company having numerous Content Delivery Networks across the world which can cause data to move between servers in the speed of light, these laws been drafted in isolation will not be very slow, less effective and could cause loss of money before a deal is reached. There have to be a common agreement that will be accessed and understood when it comes to data protection.

 
The good news is that many of other Tech companies are rallying behind Microsoft (see briefs here), the main issue still remains, Every now and then Gartner publishes her quadrants, hype cycles and many statistics spelling rapid progress of Technology. eg. from the time taken for the EU's Justice department to deal with issue that alerted  "Right To be Forgotten" to be dealth with, over 4 years, new technologies have arrived and some have caused major disruption. So if it takes over 4 years to deal with an issue cause by data protection, it can take a multiple of that to deal with another technology that may spawn up soon, thanks goodness Drone laws are been put into effect.

The current rift between Microsft and the US' Government in respect to data protection will not be easily solved even when it is solved, the possibilities of such occuring again is high, as the EU is pursuing a different scope of Data protection so the US and the UK is not to mention other big players like China, Russia. Shold data protection laws be singularised or treated differently as it may soon be proven data and information may have no citizenship on its own