Skip to main content

Data protection jurisdiction and cloud computing – when are cloud users and providers subject to EU data protection law? The cloud of unknowing

Buy Article:

$51.63 plus tax (Refund Policy)

Abstract:

Cloud users could become subject to EU data protection laws where cloud computing services utilise European Economic Area (EEA' data centres, or even EEA service providers, because such data centres or providers may be their ‘establishment’, or involve their ‘making use’ of EEA equipment. This could occur directly or indirectly, e.g. non-EEA cloud users using EEA providers, or using non-EEA providers (who themselves use EEA providers or data centres). EU data protection regulators consider that Software as a Service providers may be subject to EU laws if saving or retrieving cookies on users' equipment. Even national implementations diverge. These uncertainties may discourage using EEA data centres or EEA providers for cloud computing. This paper argues that data protection obligations should be based on clear tests involving country of origin, for EEA entities, and targeting or directing, for non-EEA entities. While the draft Data Protection Regulation would introduce country of origin and targeting approaches, it fails to address many existing problems. Certain existing concepts, if retained, require further clarification and harmonisation; some new concepts need explication. The status of physical and software infrastructure providers and intermediate providers also needs clarification, particularly regarding when EU data protection laws apply to processors, and which rules.

Keywords: applicable law/jurisdiction; cloud computing; data protection

Document Type: Research Article

DOI: http://dx.doi.org/10.1080/13600869.2012.698843

Affiliations: Centre for Commercial Law Studies (CCLS), Queen Mary, University of London, 67-69 Lincoln's Inn FieldsLondon,WC2A 3JB, UK

Publication date: November 1, 2012

More about this publication?
routledg/cirl/2012/00000026/F0020002/art00003
dcterms_title,dcterms_description,pub_keyword
6
5
20
40
5

Access Key

Free Content
Free content
New Content
New content
Open Access Content
Open access content
Subscribed Content
Subscribed content
Free Trial Content
Free trial content
Cookie Policy
X
Cookie Policy
ingentaconnect website makes use of cookies so as to keep track of data that you have filled in. I am Happy with this Find out more