Privacy in Cloud Computing is gaining importance in our daily lives – both in the private and in professional environment. In order to judge whether the need for security and data protection is enough, many points needs to be considered. Of particular interest is the question of who is responsible for Privacy in Cloud Computing : The one who collected the data or the respective cloud provider. When we consider the course of advancing globalization, where the data may cross international borders and thus faces different jurisdictions, the situation appears more complicated. Privacy in Cloud Computing is gaining importance in our daily lives – true, but more true is to calculate or consider all the apparent and unapparent factors.
|Table of Contents|
Privacy in Cloud Computing : Basics
Due to the ongoing technological development, data management and thus the collection and storage of data become easier and more common. In addition, users are significantly more likely to prompted to divulge personal information. For privacy, the basic principles are becoming of increasing importance. The problem that arises is the existing laws, which must be must be on new or changing techniques which were not considered when the actual bills were applied.
This present term of data protection is extremely misleading. Because unlike indicated literally, more than bare data, the are affected by so-called factor named “personal data”, the focus is of privileged nature. Additionally, note that the rules of data protection are in a constant and ever-faster change. Here is a short overview of its development. As early as in 1968, United Nations began the UN to consult the implications of data processing. However, only non-binding guidelines have been developed:
- Accuracy of the data
- Purpose of data
- Inspection by interested parties in the stored data
- Security of data
- Monitoring of compliance and sanctions for non-compliance
Privacy in Cloud Computing : Applicability
According to the aforementioned census, decision for an interference with the right of informational self-determination is only possible in a particular case. This must be justified by special standards, appropriate legal claims or consent of the individual.
Possible example of such a case is the collection of data for the payment of taxes and the employer is a pass-through station in these cases and the data collected may not be used for their own purposes. But for this rule, there can be exceptions in certain circumstances.
Stakeholders may legitimize a data collection method. However, this must be clear, unambiguous form needed to filled prior to the collection of the data. Furthermore, should consent not be a flat one, but must be earmarked and the person must not be unfairly disadvantaged.
Except in the cases mentioned above, there are also legitimate reasons where one company want to use the personal information. More specifically, this means that the personal data are recorded and used for a purpose.