Tag Archives: EU

Cloud Computing � The backbone of our digital future?

December 21, 2010 General, Online Backup, The Cloud

The European Commissioner Vice-President for the Digital Agenda, Neelie Kroes, in a recent address to the Universit� Paris-Dauphine, stated �cloud computing may indeed become one of the backbones of our digital future�.

During the presentation the Commissioner detailed plans by the EU to make data protection rules clear across all member states, due to difference depending on culture and legal traditions. The plan for set �cloud-friendly� rules will help complete the Single Digital Market in Europe, which she sees cloud computing being the key factor in this approach.

She goes on to state, �A cloud without robust data protection is not the sort of cloud we need. So these features should be well-integrated in the design of cloud computing products and services, from the very beginning of the business processes… the winners will be those manufacturers and services providers � from whatever country of origin � that understand the competitive advantage that in-built privacy features provide�.

Whilst these concerns are not unfounded at a European level, any reputable Online Backup and Cloud Hosting company here in the UK has strict rules it must already adhere to. The Data Protection Act 1998 prevents companies releasing any personal information to any other third party without written consent. ALL Online/Cloud Backup companies should be encrypting all its customer data anyway (an in-built privacy feature!), meaning all data cannot be read, changed or shared.

All businesses can gain certification in a series of standards to improve its data management and security. ISO 9001 and 27001 accreditations ensure a company has in place strict guidelines on how it manages and secures it�s own data as well as its customers. A properly ISO accredited Cloud Backup and Hosting company offers extra peace of mind to its clients as all its services have been independently audited and certified.

Until the �Cloud friendly� rules are clearly defined by the EU, Online Backup and Cloud Hosting companies can ensure they are already gaining the necessary certifications to meet data security and management.

Data security to be tackled via crowd sourcing, EU claims

December 20, 2010 General

The future of data protection and IT security could be handled collectively by users from around the world, as the European Union announces plans to look into using crowd sourcing techniques to develop defences over the coming years.

In essence, the proposal made by Rob Wainwright, director of Europol, is the first step towards the creation of a central body to which anyone will be able to report cybercrimes, scams, hacks and security issues.

Members of the public would be granted a direct line to law enforcement authorities via which they will be able to blow the whistle on any malicious activities which they encounter.

By sourcing information from a vast pool of end users, the EU will be able to get a broader look at the way data protection and IT security are being handled and exploited across the continent, according to Mr Wainwright.

The responses to Mr Wainwright’s plans have been mixed. One expert pointed out that while getting the public involved in crime fighting could hardly be called a new idea, it is definitely a positive step towards a better understanding of cybercriminal activities.

Others have raised concerns over whether or not the tools offered to the public will be used effectively. It is thought that a great deal of training and education will be required before average web users will be able to make reports to such a central system that have any value in the fight against terrorists and criminals who operate in cyberspace.

Security expert Alan Bentley said that thanks to the prevalence of botnets and the scandal surrounding Wikileaks, there is a greater public awareness of the risks posed to data and IT security, along with a finer understanding of how criminals can exploit flaws.

Mr Bentley believes that people need to appreciate the types of techniques which are used by hackers and cybercriminals in order to be better equipped to detect and report their activities to any EU organisation in the future.

EU to enter talks with US over data sharing and privacy protection

December 7, 2010 General

Talks which will determine the way in which private data is handled and secured by the European Union (EU) and the US, in the fight against international organised crime and terrorism, are set to begin.

The procession towards the talks was put in motion by the European Commission (EC) back in May this year and the goal is to ensure that the storage, transfer and use of data enacted as part of the collaborative partnership, will be secure and respectful of basic rights.

While the authorities from many international countries will gain access to various types of data, more power will be given to individual citizens within the EU, allowing people to access any data which relates to them and delete entries after a given time period, to help protect their privacy without compromising national security.

VP of the EC Viviane Reding said that EU citizens have a right to see that their personal data is properly secured. She also explained that now the negotiations can get underway and the EU will do its best to ensure that the cooperation with the US does not directly contravene any of these basic rights relating to personal data.

This week the first leg of talks will begin in Washington. It was the September 11th attacks of 2001 which meant that the US and EU collaborated more closely on sharing data to fight terrorism, but recently a campaign to better protect the rights of individuals in relation to this sharing, meant that the EU has sought to redress the way in which US agencies can access and use this data.

The EC said that it hopes to unify the way in which data is protected on both sides of the Atlantic and make sure that EU inhabitants will be able to take action based on the regulations relating to data protection wherever their personal information is stored and used.

The talks will be a step in the right direction, but the EC has said that each data transfer will be treated individually and require a specific legal basis in each case.

Reappraisal of EU data protection legislation urged

November 18, 2010 General

Peter Hustinx, the man who carries the title of European Data Protection Supervisor, has called for the European Commission (EC) to look at the current legislation which governs the handling of data across the continent and update any of the rulings which have become irrelevant over time.

Mr Hustinx said that with a massive expansion in the amount of private data being handled by businesses and public sector organisations, it is necessary to review laws in this field and make sure that average people are not put at risk because the existing laws do not offer adequate protection.

Mr Hustinx was keen to point out that data protection has an effect on day to day life for hundreds of millions of Europeans, while also being influential on economic fluctuations, national security and the level of trust which ruling bodies are able to command.

It is recognised that data protection is a significant area requiring sustained attention from the international community. Mr Hustinx argues that no plan for the future can be considered too ambitious in the face of such responsibilities relating to data.

Experts believe that the best way to make sure that EU nations are able to protect private data and enforce the relevant legislation, is to make sure that there is greater unity in the international rules. This would include the required reporting of data loss and security breach incidents, as well as the integration of privacy into the very heart of modern storage solutions.

Neutrality and the cooperation of law enforcement and law makers must also be sought in this battle to protect data, according to Mr Hustinx.

The EC recently published a strategy document outlining the contemporary data protection legislation and calling on experts in the field and those with a vested interest to respond.

Key to the EC’s recommendations is the idea that all EU citizens should have the right to call for personal data to be deleted once it has served its use. The UK is implicated in this whole discussion as the EC is unhappy with its current lack of effort to comply with EU rulings which cover privacy of communication by electronic means.

EU revises regulations on data protection and IT security

October 5, 2010 Data Loss, General

Cyber attack deflection and data loss prevention are key to many businesses and organisations, so the news that the EU has begun to formulate a new directive on the subject will be welcome to many.

While the directive will be intended to expand the official recognition given to cyber attacks of a previously unseen scale, it will also give member states the powers to better tackle and punish those cybercriminals associated with perpetrating such attacks.

The EU wants to make sure that there is transcontinental protection available to keep data and information safe and stored securely, as the growth threat of widespread, damaging attacks presses on the minds of many in the public and private sectors.

The European Commission’s Cecilia Malmstrom, said that this was a concerted effort to redouble the force of the movement to counteract and neutralise cybercriminals and malicious attacks on systems.

Malmstrom explained that the ultimate goal was to make the development and distribution of malware for financial gain an act recognised in international criminal law and punishable as appropriate.

It is thought that by updating regulations relating to cybercrime, the working partnership between law enforcement organisations and the judiciary aspects of each nation, will be improved and streamlined.

The sharing of information between various bodies will be less hampered by red tape if the directive is ratified and this will allow time-sensitive cases to be tackled with greater ease.

It is also proposed that the detection, cataloguing and mapping of cyber attacks will become a key concern, allowing central analysis to gather data on potentially harmful software and groups.

The European Network and Information Security Agency (ENISA) is also being targeted by a new drive to give greater powers to this international body. Within the next seven years ENISA is set to expand and become better equipped to tackle and intercept the increasing risks posed by criminal organisations.

ENISA will not only be facing off against lawbreakers, but it will also help businesses and organisations to prepare, by running simulations that will highlight the strengths and weaknesses of any security setup.

EU seeking unification of data protection laws

July 20, 2010 General

A leading EU commissioner has called for member states to look into standardising legislation relating to data protection and security to facilitate the flow of information between businesses and organisations in protecting the private data of European citizens.

Viviane Reding, who champions justice, rights and citizenship at the EU, said that it would be better for all if data protection was governed by a consistent set of rules which resembled and adhered to the same standards as those set out by the EU itself.

Ms. Reding said that many businesses in the UK and throughout the EU had said, during consultations, that data protection legislation was often disparate and difficult to navigate when operating at an international level. Although the EU set out a Data Protection Directive fifteen years ago, countries are able to model their own regulations around it, resulting in disparate systems and standards.

A call for greater transparency is being made, with the rights of the individual to control and monitor the usage of their own data set to be strengthened.

Ms. Reding believes that any business or organisation that is in control of and consequently responsible for private data needs to keep the individual user informed as to their rights and the way in which their data might be used from the outset. This includes notifying users as to how they can go about requesting the removal of their details should they no longer desire third party access to them.

Ms. Reding said that member states should be more willing to exchange data both within the union and with other international organisations in order to promote a culture of trust. She also believes that simplifying the process of sharing data will mean that criminal and legal matters that cross international boundaries can be more efficiently handled.

The EU is set to become ever more open to sharing data with the US as part of an agreement that Ms. Reding is forging, although she says that this will only be possible if the level of protection afforded to the data is in line with EU regulations.