Digital Discourse / Archives for EU

In the midst of Hill privacy buzz, Obama Administration and EU are moving forward

October 18, 2011 By

Despite Capitol Hill continuing to dominate news headlines regarding data privacy, the work and policy proposals pending from the Obama Administration and the European Commission are more significant at this time.

Here in the U.S., both the Federal Trade Commission and the Dept. of Commerce are readying to release their long-awaited reports on Commercial Data Privacy, seeking to conclude parallel processes launched in late 2010. The Commerce Report will echo the Administration’s call for legislation to provide for baseline privacy regulation, and to propose a framework for establishing a voluntary codes of conduct to be developed through a multi-stakeholder process, specifying how these basic principles should be implemented for a specific industry sector. A promise to abide by the code would be enforceable by the FTC.

On the other side of the Atlantic, the EU is working on revising the EU Data Protection Directive, with proposed revisions expected to be released in the first quarter of 2012. Key issues under consideration include the so-called “right to be forgotten,” “privacy by design” and an accountability framework.

The accountability framework is the way in which the EC is proposing to relax restrictions on cross-border data flows. Instead of further attempts to clarify what an “adequate” legal framework for privacy might be, the proposed EU directive would look to representations by companies regarding their privacy practices. This might create substantial efficiencies compared to negotiating separate arrangements with data protection authorities. The U.S. Government is actively talking with their EU Commission and national officials to move this accountability framework from concept to practical implementation.

Meanwhile, there is not a consistent understanding of what would be required for implementation of the mandatory opt-in consent for cookies. This is already part of the EU ePrivacy Directive, but it has not been implemented by most EU countries.

For a more detailed report on US and EU privacy, visit the recent SIIA policy update.

David LeDuc is Senior Director, Public Policy at SIIA. He focuses on e-commerce, privacy, cyber security, cloud computing, open standards, e-government and information policy.

Share|
Filed Under: Digital Policy Roundup, Policy, Software Tagged With: , ,

SIIA Commends EU for Looking to Maximize Cloud Computing, Urges Caution and Focus on Trans-border Data Flow

September 2, 2011 By

On Wednesday, SIIA submitted comments to the European Commission’s (EC) cloud computing consultation, a public inquiry launched in May to develop a European cloud computing strategy that the Commission will present in 2012, which will “aim to clarify the legal conditions for the take-up of cloud computing in Europe, stimulate the development of a competitive European cloud industry and market, and facilitate the roll-out of innovative cloud computing services for citizens and businesses.” This is a laudable objective, and the EU should be commended for several aspects.

First, the EU is on track in recognizing the ability of cloud computing to spur growth by helping businesses, reduce IT costs and level the playing, especially for SMEs. Second, they’re looking to the public sector to utilize cloud computing to provide better services at lower cost. And, they’ve rightly identified the need for open standards and interoperability to spur competition and choice.

However, as part of this initiative the EU is also looking to potentially make significant changes to current laws, and possibly create some new ones. It’s this area where SIIA urges caution. Consistent with the guidance we provided in our recent cloud computing white paper for policymakers, our comments urge caution in this area, with a particular emphasis on maintaining a level playing field for software and IT services, whether offered locally, via traditional externally-hosted services, or by utilizing “cloud computing.”

In our comments, we also highlighted the greatest current barrier to cloud adoption: the considerable challenges posed by issues surrounding transnational data flows, particularly the challenges associated with conflicts of law and jurisdiction within the EU and beyond. This is not an issue that is specific to cloud computing, but it has been exacerbated by it.

While we won’t know for some time which way the EU goes on this one, there was some more good news announced by EU VP Neelie Kroes earlier this week when she announced at Dreamforce 2011, that former United States CIO Vivek Kundra–a strong advocate for government use of cloud computing—will serve as an advisor in helping develop Europe’s cloud computing strategy.

Share|
Filed Under: Policy, Policy - Cloud Computing, PSIG Tagged With: , , ,