Responding to surveillance revelations, EU officials seek changes in commercial and law enforcement data sharing arrangements with the US.
The European Commission, the EU's executive body, is demanding that the US respect the privacy rights of EU citizens and is seeking changes in its commercial and law enforcement data sharing arrangements with the US to "restore trust."
The Commission on Wednesday issued a strategy paper, an analysis of the Safe Harbor agreement that governs international commercial data flows, and a Data Protection report, among other documents, in response to ongoing revelations about the extent of US surveillance.
"Massive spying on our citizens, companies and leaders is unacceptable," said EU Justice Commissioner Viviane Reding in a statement. "Citizens on both sides of the Atlantic need to be reassured that their data is protected and companies need to know existing agreements are respected and enforced."
The Commission's concern about loss of trust translates into potential loss of revenue. The Information Technology & Innovation Foundation (ITIF), a Washington-based policy research group, projects US IT industry losses of $22 billion to $35 billion by 2016, because foreign businesses and governments fear having their data scoured by US intelligence agencies.
Add to that the certainty that other government intelligence agencies are doing the same thing, or at least trying to, and the entire premise of cloud computing crumbles. Without a foundation of trust and a legal framework that exists in full public view and protects rather than yields, there's a strong impetus to avoid the cloud and rely only on internal corporate computing resources.
Though the EU says the Safe Harbor agreement governing commercial data sharing "cannot be maintained," it doesn't appear to be threatening to rescind the agreement. Rather, it seeks to improve it with stronger protections for EU citizens, principally a path for judicial redress. The US Privacy Act of 1974 protects US citizens and legal permanent residents, but not EU citizens.
Changes in the way data is handled and accessed in the EU and US will depend on the EU data protection rules revisions currently before the EU parliament and the US review of national surveillance activities, both of which are ongoing. US lawmakers continue to debate whether and how to reform NSA data collection.
Cloud Connect Summit, March 31 – April 1 2014, offers a two-day program colocated at Interop Las Vegas developed around "10 critical cloud decisions." Cloud Connect Summit zeros in on the most pressing cloud technology, policy and organizational decisions & debates for the cloud-enabled enterprise. Cloud Connect Summit is geared towards a cross-section of disciplines with a stake in the cloud-enabled enterprise. Register for Cloud Connect Summit today.
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
IT Strategies to Conquer the CloudChances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.