Why are cloud providers so unprepared for new EU privacy laws?

The Boardroom

by Joe Curtis | 11 August 2014

How many meet the new data protection requirements?

Just one in 100 cloud providers meet the impending EU data protection regulations, it is claimed.

New EU requirements that redefine personal data and privacy are set to be passed into law before the end of the year and to take effect in 2015, yet cloud security firm Skyhigh Networks claimed most companies currently fall foul of the new measures.

It analysed its 7,000-strong list of cloud service partners, saying that just 1% would currently pass the tougher requirements.

"It's staggering how few cloud providers are prepared for the new EU regulations," said Charlie Howe, EMEA director.

"[Meeting requirements] will inevitably require additional resources and expenditures, but it's a snip given the proposed penalties for violating the new laws, which can be up to 5% of a company's annual revenue or up to €100 million."

Currently the Information Commissioner's Office can levy a maximum £500,000 fine, but along with harsher fines, the new laws will see stricter rules around reporting a breach.

Companies will have to report data leaks "without undue delay", sparking confusion over how long that might be.

Max Perkins, insurance data expert at Beazley, said: "When does that clock start ticking? Is it when they suspect something might have happened? If so, the regulators are going to receive loads of calls."

Meanwhile, any organisation with more than 5,000 customers will have to appoint a data protection officer.

Skyhigh also points out that just 11 countries satisfy the EU's new privacy requirements for where European firms' data can reside.

Howe said: "Notably absent from the list is the United States, where 67 percent of all cloud services are headquartered. Data residency is already a significant issue under the current EU Data Protection Directive and it will continue to be so as the new regulations come into effect - especially as only 8.9% of US-based providers have the Safe Harbor Certification, which provides exemption to these regulations."
