Skip to main content Accessibility help

We use cookies to distinguish you from other users and to provide you with a better experience on our websites. Close this message to accept cookies or find out how to manage your cookie settings.

Close cookie message
×
Hostname: page-component-78c5997874-j824f Total loading time: 0 Render date: 2024-11-11T03:26:18.716Z Has data issue: false hasContentIssue false

5 - Data Privacy and Data Protection Issues in Cloud Computing

from Part II - Legal Requirements and Adoption of Government Cloud

Published online by Cambridge University Press:  10 December 2021

Kevin McGillivray
Kevin McGillivray
Affiliation:
Norwegian Research Centre for Computers and Law
Get access

Summary

This chapter evaluates the key data protection requirements and compliance obligations that governments must account for when entering into contracts with cloud service providers. The chapter concentrates on data protection issues that pose particular barriers for governments attempting to adopt cloud-computing services.

The chapter focuses primarily on understanding how the General Data Protection Regulation (GDPR) impacts the use of cloud computing. This requires an analysis of applicability and jurisdiction, applications of principles, understanding roles and responsibilities under the law, contractual obligations on sub-processors, liability for compliance, and limits on data transfers among others. The chapter also provides an overview of US data privacy law.

The chapter further evaluates recent case law and guidance from the European Data Protection Board (EDPB) and national data protection authorities to draw conclusions regarding GDPR cloud compliance obligations. Specifically, the chapter focuses on challenges and limits to cross-border transfers of data following the CJEU decision in the “Schrems II” case.

Keywords

Cloud computingdata protectionGDPRprivacyjurisdictiondata transferSchrems
Type
Chapter
Information
Government Cloud Procurement
Contracts, Data Protection, and the Quest for Compliance
 , pp. 91 - 156
Publisher: Cambridge University Press
Print publication year: 2021

Access options

Get access to the full version of this content by using one of the access options below. (Log in options will check for institutional or personal access. Content may require purchase if you do not have access.)

Save book to Kindle

To save this book to your Kindle, first ensure coreplatform@cambridge.org is added to your Approved Personal Document E-mail List under your Personal Document Settings on the Manage Your Content and Devices page of your Amazon account. Then enter the ‘name’ part of your Kindle email address below. Find out more about saving to your Kindle.

Note you can select to save to either the @free.kindle.com or @kindle.com variations. ‘@free.kindle.com’ emails are free but can only be saved to your device when it is connected to wi-fi. ‘@kindle.com’ emails can be delivered even when you are not connected to wi-fi, but note that service fees apply.

Find out more about the Kindle Personal Document Service.

Available formats
×

Save book to Dropbox

To save content items to your account, please confirm that you agree to abide by our usage policies. If this is the first time you use this feature, you will be asked to authorise Cambridge Core to connect with your account. Find out more about saving content to Dropbox.

Available formats
×

Save book to Google Drive

To save content items to your account, please confirm that you agree to abide by our usage policies. If this is the first time you use this feature, you will be asked to authorise Cambridge Core to connect with your account. Find out more about saving content to Google Drive.

Available formats
×