The European Commission’s panel on privacy is planning to promote the concept of cloud computing and aims to endorse it as legal under the continent’s privacy law. In line with this, the commission also encourages organizations and companies to learn how to police themselves better in order to protect data and personal information that is stored remotely via cloud.
Dubbed the Article 29 Working Party, the panel is expected to make recommendations and create guidelines on cloud computing, which will finally address security and privacy concerns that have long hindered wider adoption of cloud computing services outside of the US.
The Article 29 Working Party’s recommendations and guidelines will be included in a report, which will also highlight the benefits of cloud computing and its ability to encourage innovation and economic efficiency. The report emphasizes the European officials’ more practical approach to the role of remote computing in the economy.
According to an inside source who wishes to remain anonymous (since he is not authorized to speak for the group), the recommendations will guide and outline decisions related to cloud computing by regulators in as many as 27 E.U. countries. The guidelines will be a boom to service providers who want to improve their image in the region, where their expansion and sales have been hindered by privacy and security concerns. According to research firm Gartner, said privacy and security concerns led to cloud computing sales in Europe trailing behind the US by at least 2 years.
Cloud Computing is defined as the delivery of computing services through the Internet, rather than through locally-installed software. Cloud computing has been employed by a wide variety of companies, both public and private, due to their ability to streamline operations and minimize unnecessary hardware and software costs. According to International Data Corp., the sales of cloud services have seen a 24% increase each year, which is roughly four times faster than the rate of spending on technology in general.
The public cloud service industry is worth roughly $28 billion as of 2011, according to the IDC, and among the big name leaders are Amazon.com, Savvis, Salesforce.com, and others, with other big name tech companies seeking to get a piece of market share, Microsoft in particular, which is planning to release their own cloud service soon.
The benefits of cloud for companies run the gamut, chief among which is the fact that they can save on money because there is no need to buy and maintain their own servers, since everything is stored and accessed via cloud. Additionally, relying on cloud services makes it easy to scale or reduce their storage based on what they only need, so there are no unnecessary expenses on wasted resources.
Industry executives have said that the interest in cloud within the EU are steadily increasing, which is surprising due to the current economic downturn and euro currency crisis. A large number of financial institutions are now using cloud based customer relations management services, including Deutsche Bank and BNP Paribas, both of which get their services from Salesforce.com.
There are also governments in Europe who are starting to embrace the cloud in order to cut costs. For example, the borough of Windsor and Maidenhead in England are both clients of Salesforce.com. Belgium’s government on the other hand, is creating its own cloud in order to consolidate government services. While there is a law that requires European national governments to process personal data only within their own borders, many of the interested European governments have resorted to buying domestic cloud services or starting their own.
While helpful, the guidelines provided by the Article 29 Working Party will probably not be able to unify all the different privacy laws in Europe, which tend to be patchwork and vary in strictness. For instance, Britain and Scandinavia both have more lax policies regarding the ways personal data can be processed via cloud, while France and Spain have strict policies that mandate cloud service sellers to know where information is being kept at all times.
The guidelines that will be introduced are nonbinding, and the regulators are asked to give utmost consideration in drafting national policies, but still have the discretion to interpret the recommendations as they deem fit. However, it will sill influence many European nations to better embrace cloud computing and allay their privacy-related fears and concerns regarding cloud computing.
The report is estimated at 30 pages long, and while it is meant to be an encouragement for the adoption of cloud services, it also contains privacy requirements for the cloud service providers, which will probably make it more expensive to sell cloud computing services within Europe. For example, one of the requirements ask sellers to purge all personal data from their servers when it is no longer needed, and there is also a requirement for the companies to disclose the subcontractors they plan to use to process data. The new requirements are expected to add complexity and management costs to cloud providers, but will provide greater security. However, the requirement about publicizing subcontractors could be a dealbreaker, as it could result in large cloud sellers being undermined due to clients being given access to a list of lower cost competitors.
There are analysts who are skeptical of the recommendations, citing that it will not be able to overcome European companies’ fears of storing data in US based clouds, primarily because their sensitive information about customers and business practices will be subject to government surveillance via the Patriot Act, making it an issue that lies squarely on the shoulders of the US government.