Business Cloud News
Outsourcery: 'Cloud service providers risk tighter regulation and slower uptake'

Outsourcery: ‘Cloud service providers risk tighter regulation and slower uptake’

Cloud and hosting provider Outsourcery claims that with impending EU data protection regulations coming into place cloud vendors will need to become more transparent with their data handling policies or risk further regulation and slowed cloud services uptake.

With Europe soon to implement a common data protection regulation extending to all EU member states and cloud services uptake continuing to rise in the region, it’s clear that cloud service providers operating in European markets (not just European companies) will be under more scrutiny when it comes to how they handle data.

A company found to be violating the impending regulations may in fact be fined up to 5 per cent of its global annual turnover.

But while the European Commission continues to work towards implementation of the draft regulation UK-based Outsourcery has warned that with cloud service providers likely to be examined very closely, if processes for handling and transferring data within and outside the EU are found wanting, the EU could impose further restrictions on data handling.

Barry Holder, information security and compliance manager at Outsourcery said that further regulation could stymie innovation by slowing cloud services uptake.

“While we agree that there is likely to be an increase in the adoption of cloud services, CSPs must be in a position to show exactly how and where the data of their clients is handled and stored if they are to capture part of this growing market,” Holder said.

“This should already be a priority, but with the EU beginning to examine processes involving the transfer of data and the UK Government looking to pass the Data Retention and Investigatory Powers Bill it may be something that CSPs, and consequently end-users, could be impacted by if new legislation or regulations are announced,” he added.

The European Commission is keen to keep data protection on the agenda. Last month the European Data Protection Supervisory, an independent supervisory authority devoted to protecting personal data and privacy and promoting good data handling practice in the EU reiterated that restoring confidence in the web will require swift adoption of the regulation, and that guaranteeing data privacy protection cannot be left to self-regulation alone.

Holder explained that within this context it is more important now than ever before for CSPs to make their services transparent, and to make sure they are certified against the relevant industry accreditations like CIF, STAR, ISO 27001 and the like.

“The way data is handled in both private and public cloud is up for scrutiny so all CSPs, whatever they offer, need to be in a position to continue pushing forward the market by doing their bit, and not risk holding it back,” he said.

In June the European Council committed to having the reformed general data protection regulation implemented by 2015.