Skip to main content

Data protection jurisdiction and cloud computing – when are cloud users and providers subject to EU data protection law? The cloud of unknowing

Buy Article:

$47.50 plus tax (Refund Policy)

Cloud users could become subject to EU data protection laws where cloud computing services utilise European Economic Area (EEA' data centres, or even EEA service providers, because such data centres or providers may be their ‘establishment’, or involve their ‘making use’ of EEA equipment. This could occur directly or indirectly, e.g. non-EEA cloud users using EEA providers, or using non-EEA providers (who themselves use EEA providers or data centres). EU data protection regulators consider that Software as a Service providers may be subject to EU laws if saving or retrieving cookies on users' equipment. Even national implementations diverge. These uncertainties may discourage using EEA data centres or EEA providers for cloud computing. This paper argues that data protection obligations should be based on clear tests involving country of origin, for EEA entities, and targeting or directing, for non-EEA entities. While the draft Data Protection Regulation would introduce country of origin and targeting approaches, it fails to address many existing problems. Certain existing concepts, if retained, require further clarification and harmonisation; some new concepts need explication. The status of physical and software infrastructure providers and intermediate providers also needs clarification, particularly regarding when EU data protection laws apply to processors, and which rules.
No References
No Citations
No Supplementary Data
No Article Media
No Metrics

Keywords: applicable law/jurisdiction; cloud computing; data protection

Document Type: Research Article

Affiliations: Centre for Commercial Law Studies (CCLS), Queen Mary, University of London, 67-69 Lincoln's Inn FieldsLondon,WC2A 3JB, UK

Publication date: 2012-11-01

More about this publication?
  • Access Key
  • Free content
  • Partial Free content
  • New content
  • Open access content
  • Partial Open access content
  • Subscribed content
  • Partial Subscribed content
  • Free trial content
Cookie Policy
Cookie Policy
Ingenta Connect website makes use of cookies so as to keep track of data that you have filled in. I am Happy with this Find out more