Europe opens up to the cloud

If last weekend's Amazon outage taught us anything, it's that the cloud is a complex thing. However it's particularly convoluted in Europe, where the desire by companies to rely on Internet-based services is at odds with the European Union's relatively tough data protection laws.

Trying to reconcile what businesses want with the heavy responsibilities for protecting information is one of the biggest obstacles to cloud adoption, according to some senior figures. All things considered, it's one thing for lawmakers to tell organizations to be careful with such data - however how are they supposed to be able to check what their providers and those providers’ providers are in fact doing with it?

"Such certification would, as a minimum, indicate that data protection controls have been subject to audit or review against a recognised standard meeting the requirements set out in this Opinion by a reputable third party organisation,” one of the more readable parts of the recommendations states. ”In the context of cloud computing, potential clients should look to see whether cloud services providers can provide a copy of this third party audit certificate or come to think of it a copy of the audit report verifying the certification including with respect to the requirements set out in this Opinion.”

The recommendations do become reality

If the recommendations do become reality, it will probably be good news for EU businesses, simply because the current situation is a joke: everyone breaks data protection rules because the shift to the cloud, with its labyrinthine network of unsure responsibilities, makes compliance nearly impossible. Legal certainty and transparency are what the regulators are afterwards.