Feeds

back to article Make sure your data finds a safe harbour

The drive to buy local is very much in vogue, even though the note of nationalism in the Buy British slogan may not sit comfortably with some. And despite the many good reasons to support one’s local economy, there are limits: this writer is not buying local bananas until well into retirement on Mustique. Outsourcing is also a …

COMMENTS

This topic is closed for new posts.
Silver badge

US companies

may well be willing to sign up to all sorts of EU inspired data protection agreements, but if uncle Sam come mentioning the 'patriot act' then they will all just fold and give them a copy.

If it is sensitive - don't let it near the USA.

Mind you, I don't know how much safer European providers really are ...

2
0
FAIL

Make sure....

... that the contract states that data will be held within the EU.

Google won't sign this, MSN will.

Quite a few UK universities have outsourced mail. A lot of those have opted for google. I hate to be the management there when the OIC comes knocking.

Then again..... A slap on the wrist with a wet bus ticket doesn't hurt much.

0
0
Bronze badge
Go

Sanctuary, not Safe Harbor

Google employs all the 'rogue engineers', Apple has all the 'holding it' experts. The rest of us don't need Safe Harbor, we need Sanctuary. Data security is not weather driven. The rules for The Cloud are no different than for taking a thumb drive out of the office. Sooner or later, the data **should have been** redacted, before you stored it on the external media.

If you weren't smart enough to figure out, a priori, what would get you into trouble, this may be of some help ...

http://www.rustprivacy.org/2011/pii/cnpii.xml

The key point is that if parties unknown are picking through your data, you need not have any guilt sending them off to chase their tails.

http://purl.org/pii/terms/

0
0
Boffin

Encryption...

The only real solution would be to have the data stored in the cloud encrypted, and the decryption being done on the local (i.e. end-user) side... so for a company, they could have the decryption on the firewall machine, and thus decrypted data available to the users. As soon as data goes back to the cloud, the firewall should encrypt the outgoing stream... leaving the cloud provider to store (in his eyes) total gibberish, which can not be interpreted by any agency that comes knocking without having to go to the end-user! Problem solved...

0
0
This topic is closed for new posts.