View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
August 11, 2014

Why are cloud providers so unprepared for new EU privacy laws?

How many meet the new data protection requirements?

By Joe Curtis

Just one in 100 cloud providers meet the impending EU data protection regulations, it is claimed.

New EU requirements that redefine personal data and privacy are set to be passed into law before the end of the year before taking effect in 2015, yet cloud security firm Skyhigh Networks claimed most companies are currently falling foul of the new measures.

It analysed its 7,000-strong list of cloud service partners, saying that just 1% would currently pass the tougher requirements.

"It’s staggering how few cloud providers are prepared for the new EU regulations," said Charlie Howe, EMEA director.

"[Meeting requirements] will inevitably require additional resources and expenditures, but it’s a snip given the proposed penalties for violating the new laws, which can be up to 5% of a company’s annual revenue or up to €100 million."

Currently the Information Commissioner’s Office can levy a maximum £500,000 fine, but along with harsher fines, the new laws will see stricter rules around reporting a breach.

Content from our partners
Rethinking cloud: challenging assumptions, learning lessons
DTX Manchester welcomes leading tech talent from across the region and beyond
The hidden complexities of deploying AI in your business

Companies will have to report data leaks "without undue delay", sparking confusion over how long that might be.

Max Perkins, insurance data expert at Beazley, said: "When does that clock start ticking? Is it when they suspect something might have happened? If so, the regulators are going to receive loads of calls."

Meanwhile, any organisation with more than 5,000 customers will have to appoint a data protection officer.

Skyhigh also points out that just 11 countries satisfy the EU’s new privacy requirements for where European firms’ data can reside.

Howe said: "Notably absent from the list is the United States, where 67 percent of all cloud services are headquartered. Data residency is already a significant issue under the current EU Data Protection Directive and it will continue to be so as the new regulations come into effect – especially as only 8.9% of US-based providers have the Safe Harbor Certification, which provides exemption to these regulations."

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.