Cloud computing poses a larger threat to your privacy than you might think, according to an European Parliament study.
The study published by its Directorate-General for Internal Policies identified potential risks: "The challenge of privacy in cloud computing is underestimated, if not ignored. The main concern arising from the growing reliance on cloud computing is less the possible increase in cyber fraud or crime than the loss of control over individual identity and data."
On Monday, Europe is marking annual data protection day, an initiative to raise awareness of how people's personal information is collected and processed and how to best protect your private lives. The EP is currently looking at plans to update current European rules on data protection to bring them in line with the latest technological developments and prevent misuse of private data.
The report, published at the year-end, also points out that U.S. law authorizes surveillance of cloud data of non-American citizens. U.S. authorities would not be bound by the proposed reform of EU rules, but it is something that could be dealt with by opening EU-U.S. negotiations, the report says.
The U.S. Patriot Act and the Foreign Intelligence Surveillance Amendment Act is said to give the U.S. government enormous leeway to collect all kinds of information on wide swathes of people without requiring a warrant based on probable cause.
Concerned about these laws, the EP's Internal Policies Directorate-General warned companies in the European bloc about the potential privacy implications of having their data hosted with U.S cloud services.
On requests it receives from governments around the world, Google releases every six months Transparency Reports, which reveal Internet user data. The latest report, released on last Wednesday, shows that the U.S. government submitted the most requests for user data with Google - 8,438 requests in the second half of 2012.
Peter Hustinx, the European data protection supervisor, urged people to be careful: "Your personal information is valuable so keep it safe and be aware of your rights when you share it! You have the right to know what information is held about you on major industry and government databases. There could be implications for you if the information is not accurate and you are entitled to check the information that is held and used about you."
The European Commission proposes a reform of current legislation in order to have common rules for all member- states. This would include the right to be forgotten: people would be able to have their personal data deleted if there is no legitimate ground for retaining it. The plans would also introduce fines for losing or divulging customer data. The two legislative proposals are currently being dealt with by Parliament.
German Green MEP Jan-Philipp Albrecht, responsible for steering the regulation setting out a general EU framework for data protection through Parliament, said: "The right to be forgotten, the need for consent when using or transferring personal data, and sanctions in case of infringements of privacy rights are my three central demands for data protection standards for all EU citizens - no matter if inside or outside the EU."
Albrecht welcomed the fact that the new data protection regulation would be valid everywhere in the EU. "This will help strengthen consumer rights, provide companies with legal certainty and give citizens more trust in companies."
Greek Social Democrat MEP Dimitrios Droutsas, who deals with the directive on protecting personal data processed for judicial purposes to avoid misuse of data by police and other law enforcement authorities, said there was a pressing need in Europe for a reform of data protection law due to changing social norms and technological advancements. "The Commission, the Parliament and yes, the Council, we all have to work diligently in order to ensure the highest level of protection for European citizens before the end of this legislature in 2014," he added.
For comments and feedback: editorial@rttnews.com