NL EN
  • Home»
  • Weblog »
  • Kroes over de cloud: "Data protection is a 'must have'"

Kroes over de cloud: "Data protection is a 'must have'"

Neelie Kroes, Eurocommissaris voor de Digitale Agenda, heeft vandaag een speech gehouden op de Université Paris-Dauphine. In de speech zoomt Kroes dieper in op een onderwerp van haar Digitale Agenda: “Cloud computing and data protection”.

 

Kroes stelt dat men door cloud computing controle verliest over persoonsgegevens. De Europese Unie ziet de bescherming van persoonsgegevens als een fundamenteel recht en daarom is actie vereist. Kroes gelooft dat meer onderzoek nodig is om de beveiligingsaspecten van cloud technologie te verbeteren. Onderzoek naar “privacy-by-design” en “privacy-enhancing technologies” worden dan ook breed gesteund door Europa.

 

Daarnaast zijn er vragen over de stroom van gegevens binnen Europa en op wereldwijde schaal. Zo verschilt de implementatie van de Privacy-richtlijn (“Richtlijn 95/46/EG van het Europees Parlement en de Raad van 24 oktober 1995 betreffende de bescherming van natuurlijke personen in verband met de verwerking van persoonsgegevens en betreffende het vrije verkeer van die gegevens”) per lidstaat. Kroes zet vraagtekens bij deze verschillen: is dit het resultaat van culturele en juridische verschillen, of betreft het een obstakel voor de regels van de interne markt?

 

Kroes stelt daarbij het volgende:

 

In my mind, the free movement of personal data within the EU is another way to help to complete the Digital Single Market in Europe. Therefore, the underlying approach ought to be 'cloud-friendly'. But a 'cloud' without clear and strong data protection is not the sort of cloud we need. Having clear and 'cloud-friendly' rules can only help ICT companies and you know that many of them in Europe are SMEs to know exactly what is allowed and what is not. This may mean simpler, harmonised measures, for instance for the registration forms for notification purposes. We also wish to encourage self-regulatory initiatives, such as codes of conduct or codes of practice like the "binding corporate rules" for international data transfers. That is how they can effectively both protect and serve their customers.

 

 

En vervolgens:

 

Data protection is a "must have" feature for consumers, individuals and society in general. A cloud without robust data protection is not the sort of cloud we need. So these features should be well-integrated in the design of cloud computing products and services, from the very beginning of the business processes.

 

 

En ook:

 

 “My vision is that every European cloud customer should be able to know two things:

 

a) that their cloud supplier protects their personal data efficiently, that is in a transparent manner, and in line with EU personal data protection standards,

 

b) that all the governments of all the countries where the cloud touches the earth – that is, where the servers are located – must have legal frameworks in place that guarantee adequate data protection and privacy. There can be limited exceptions for reasons of public order and national security, but these must be governed by the rule of law.

 

 

De Europese Commissie is gestart met het opstellen van een strategie t.a.v. cloud computing. In de eerste helft van 2011 zal de Commissie daarvoor om input vragen.

 

Tenslotte merkt Kroes op dat de huidige privacy regelgeving wordt herzien. Daarbij zijn volgens Kroes belangrijke vragen te beantwoorden, zoals:

 

How do we ensure transparency in the processing of personal data? People should be aware of what they are signing up to. They should have the possibility to review their choice in a user-friendly manner at any time.

 

Data minimisation: what can be done to ensure that just the right amount of personal data is collected, and nothing more?

 

The "right to be forgotten" – how can that work in practice? Here I want to pass my personal thanks to Nathalie Kosciusko-Morizet whose relentless work on this subject has been very valuable. Let me be clear: in my view, the issue is not merely about deleting all data. Just like in real life, when you present yourself on the net, you cannot assume no records exist of your past actions. What matters is that in those cases any data records are made irreversibly anonymous before further use is made of them.

 

Data portability. This is all about freedom of choice: the right for you to change your mind and preference about the services you need. Freedom of choice is only possible when a user can easily and freely transfer his or her data to him or herself and then possibly to another service provider.

 

Efficient use of the resources invested in data protection is important – both for the supervisory authorities and for the industry complying with it. Unnecessary administrative burdens should be removed where possible.

 

 

Lees hier de volledige speech.

BRON: europa.eu


PAGINA DOORSTUREN

DEZE PAGINA IS SUCCESVOL DOORGESTUURD!

EEN REACTIE PLAATSEN

UW E-MAIL ADRES WORDT NIET GETOOND AAN ANDERE BEZOEKERS.

  1. NAAM
  2. E-MAILADRES
  3. BERICHT
  4. WANNEER U DEZE REGEL KUNT LEZEN, VUL HET VOLGENDE VELD DAN NIET IN!
  5.