Privacy regulations for cloud computing: Compliance and implementation in theory and practice

Abstract

Cloud Computing is a new paradigm in the world of IT. In traditional IT environments, clients connected to a number of servers located on company premises. In Cloud Computing, users connect to the 'Cloud', appearing as a single entity as opposed to multiple servers. Outsourcing data to the Cloud Service Provider (CSP), an external party involves giving the CSP some form of control over the data. Privacy regulations put requirements on organizations regarding storage, processing and transmission of data. Outsourcing this data to a CSP involves outsourcing partial control over the storage, processing and transmission of data and privacy regulations become relevant. This paper addresses the questions as to how existing regulations in the area of privacy affect the implementation of Cloud Computing technologies and how the implementation of Cloud Computing technologies affect compliance with these regulations. © 2011 Springer Science+Business Media B.V.