GDPR is Affecting the US-Based Cloud Services – Are You Prepared?

 

Contemplating the foreseeable changes to be brought to the US-Based Cloud Services due to the Austrian Court's recent ruling


The European General Data Protection Regulation (GDPR) has primarily been viewed as a source of concern by big tech since its establishment in May 2018, but it is now becoming a massive issue for European cloud service users and providers ranging from merchants to governments. This is mainly because of the European privacy campaigners who gained partial success earlier this year in an Austrian case involving a visitor to a health-related website that employs Google Analytics — the world's most widely used tool by website owners to measure how people use their sites.


According to the Austrian Data Protection Authority, the website's proprietors violated the GDPR by transmitting the user's personal data to a company in the United States. That is because sending personal data to any firm in the United States is illegal if the organization cannot guarantee data security from US intelligence agencies, according to a landmark ruling by the EU's top court in 2020.


However, since no American corporation can provide that assurance due to the Foreign Intelligence Surveillance Act (FISA), the ramifications could be far-reaching, as the ruling only covered one of the 101 websites filed by Big Tech's Max Schrems and his None of your business privacy advocacy group. That mass advocacy filed a year and a half ago forced the EU's data protection agencies to coordinate their measures in reaction to it – meaning as many as 100 such judgments are on the way. And if this is the case, soon European websites will be strongly influenced to quit utilizing Google Analytics and other US-based cloud services unless something is done.


Foreseeable Changes

Despite Google's statement that enterprises and organizations using Google Analytics control what data is managed and how it is used and that the tool does not identify users across the internet, big-tech and cloud service providers will have to adjust their data privacy compliance if they want to continue operating in the EU.


There are a few solutions available to European companies and organizations concerning GDPR right now. One of which is for the US to implement meaningful surveillance reforms that would allow American cloud providers to guarantee the protection of foreigners' personal data – though this is unlikely to happen anytime soon.


Another alternative is for US cloud companies to work with local enterprises to create ring-fenced European data centers, similar to what Google did with a sovereign cloud solution for Germany's commercial clients in collaboration with local IT behemoth T-Systems. This Google partnership in 2021 allowed the European corporation controlling authority over the personal information of European individuals stored on servers, resolving the GDPR issue.


To conclude, companies must comply with the GDPR independently of the steps taken by big-tech cloud service providers and the decisions made by the governments to avoid worldwide scrutiny and hefty fines. However, dealing with the ever-changing legal environment, the massive volume of personal data, the constraints of control over it, and the looming threat of an enormous fine, if you miss anything, it is no simple feat – therefore, the GDPR compliance software. For a detailed understanding of the software, its features, and its importance, reach out to our ZL Tech Expert.

Comments

Post a Comment

Popular posts from this blog

How Financial Services Sector Can Reduce Costs and Time in Operations

Since the global financial crisis of 2008, bank profit margins have remained considerably low in the United States and other advanced economies. One of the biggest reasons is that the expenses have been outpacing revenues and, especially in Europe, the average return on equity of banks has dropped to undesirable lows. Furthermore, regulatory compliance and high levels of expenditure due to the suddenly remote workforce and increased risks due to defaults, insurance claims, client insolvency, and other factors added to the pressure. Therefore, the financial sector must act fast to increase profits, or be forced to continue laying off staff, which reached half a million last year, since 2014.  The profits can be increased in many ways, such as streamlining offerings, digitizing processes, seeking low-cost organic growth, and scaling up through mergers, acquisitions, and partnerships. But apart from increasing the profits, cutting costs can also help the financial services industry b...
Read more

The Role of a Compliance Strategy in Mitigating Cyber-Attacks

  Discussing why, now more than ever, privacy compliance procedures are required to combat cyber-attacks Cyber-attacks are not uncommon in today's day and age. However, because of the COVID-19 pandemic, cyber-attacks have skyrocketed, with some reports suggesting a 600% rise . At the same time, some anticipate that IoT cyber-attacks will double by 2025. And, with a 0.05 % rate of detection (or prosecution) of such attacks in the United States, it is difficult to conceive the devastation produced by even a modest increase in attacks. So, what do we do? Create a systematic compliance effort for your company. A structure that ensures, at the very least, the following: Having a Comprehensive Compliance Strategy Many businesses do not have a centralized plan in place to ensure data privacy compliance that is simple yet comprehensive, integrated, quantified, and centralized. This may be achieved by developing a high-level set of principles and documents that outline the measures t...
Read more

Traversing Through eDiscovery Data Sources Amid the Hybrid Work Environment

  A look at eDiscovery data sources, the issues they provide in today's hybrid work environment, and possible solutions The COVID-19 pandemic unleashed a tsunami of new technologies, software, procedures, methodologies, and upgrades to old ones, allowing the world's suddenly remote workforce to interact and collaborate more effectively . Meanwhile, cloud service providers saw an unprecedented increase in product utilization since businesses now require it more than ever. However, after almost two years, as we transition from completely remote work culture to a hybrid or back-to-office work culture, companies are yet again struggling. This time, the concern is the ever-increasingly complex regulatory compliance environment. And it only requires more severe and strong systems and procedures to cater to the massive surplus of eDiscovery data sources generated recently. Amid this chaos are the legal professionals, specifically the eDiscovery and compliance teams. They are entrust...
Read more