The paper analyses the constraints of the current European directive on data protection regarding the free and active exercise of the right to informational self-determination in cloud computing with subcontractor chains.
The analysis focuses in particular on the personal and geographical scope of the protection of personal data, on the legitimation of data processing under the aspect of data transmission into secure and unsecure third countries with subcontractor involvement. Herein it will be critically analysed whether the options under which it is possible to process personal data, will deliver sufficient privacy security in cloud computing. Furthermore, the paper examines the effectiveness and the consequences of possible legitimation of processing personal data in cloud computing. Also, will be regarded the legitimation options to include subcontractors in complex cloud computing landscapes in secure and unsecure third countries. The data subject and the cloud user position and chances to execute their rights of informational self-determination in distributed cloud computing landscapes will be critical looked at.
Based on the multiple challenges that the personal data faces in complex cloud computing landscapes, various improvement potentials addressed to different actors emphasis the necessity to reduce the risk to the data subject´s informational self-determination in cloud computing.
Finally, the recent regulation on general data protection that was published by the Council on 11th June 2015 will be cross-checked against the identified gaps of the currently existing data protection directive, with an emphasis on the requirements to achieve informational self-determination.
Inhaltsverzeichnis (Table of Contents)
- Procedure of the Paper
- Chapter 1: The economic importance of cloud computing
- Chapter 2: The current legal data protection directive EC/95/46
- Chapter 3: Legitimation criteria of the directive
- 3.2.3 Case A
- Chapter 4: Transfer of personal data outside the EU
- Chapter 5: Different cloud computing landscapes
- 5.1 Case A
- 5.2 Case B
- 5.3 Case C
- 5.3 Case D
- Chapter 6: Technical, economic, political, educational measures
- Chapter 7: Latest official published data protection regulation version
Zielsetzung und Themenschwerpunkte (Objectives and Key Themes)
This paper aims to analyze the limitations of the current European data protection directive in relation to the exercise of the right to informational self-determination within cloud computing environments involving subcontractor chains. The focus lies on examining the scope of personal data protection, the legitimacy of data processing, and the effectiveness of safeguarding privacy in cloud computing.
- The implications of the European data protection directive on data transmission and privacy in cloud computing.
- The challenges of safeguarding informational self-determination within complex cloud computing landscapes.
- The effectiveness and consequences of data processing legitimation in cloud computing.
- The role of subcontractors in securing data privacy within cloud computing environments.
- The impact of the recent general data protection regulation on the protection of informational self-determination.
Zusammenfassung der Kapitel (Chapter Summaries)
The paper begins by outlining the challenges of data privacy in the digital age, highlighting the economic importance of data. It then introduces the concept of cloud computing and its economic significance, explaining how data is distributed within this framework. The first chapter concludes by examining the development of European data protection law.
Chapter two takes the current legal data protection directive EC/95/46 as a basis to assess its application in cloud computing scenarios involving subcontractors. The focus shifts towards the personal and geographical scope of data protection, emphasizing the complexities of applying anonymizing and pseudonymizing techniques in cloud computing.
Chapter three examines the legitimation criteria outlined in the directive, including consent and contract data processing, in relation to the practical effectiveness of cloud computing. The chapter then presents a case study where the legitimation of data transfers with subcontractors is analyzed in a specific cloud computing scenario.
Chapter four explores the transfer of personal data outside the EU, relying on the EU directive EC/95/46 and the German federal data protection law. It examines options for awarding third countries an EU-comparable security status and presents various methods for ensuring lawful data transmission to unsecure third countries in cloud computing scenarios involving subcontractors.
Chapter five provides a detailed analysis of different cloud computing landscapes, examining the requirements for lawful data processing of personal data in unsecure third countries with subcontractors.
Chapter six proposes technical, economic, political, and educational measures to bolster the legal effectiveness of data protection. These proposed measures are intended to safeguard informational self-determination in society.
Schlüsselwörter (Keywords)
This paper explores key topics such as informational self-determination, data protection, cloud computing, data transmission, privacy, subcontractors, and the European data protection directive. It delves into the complexities of data privacy in a globalized digital environment, particularly in relation to the use of cloud computing services. The paper also examines the role of subcontractors in cloud computing and the implications of data transfers to third countries.
- Quote paper
- Jutta Grosse Wichtrup (Author), 2015, Informational Self Determination in Cloud Computing. Data Transmission and Privacy with Subcontractors, Munich, GRIN Verlag, https://www.grin.com/document/309264