Nº 10 2012 > Global Symposium for Regulators | Special report
Dark clouds: safety and security on the net
The session on safety and security on the net, moderated by Imad Hoballah, Acting Chairman and CEO of Lebanon’s Telecommunications Regulatory Authority, reviewed online threats from a user’s perspective (data protection and privacy), and rights in the cloud and how to ensure anytime reliable access to cloud services. Participants emphasized the importance of defining applicable jurisdictions and managing commercial risk.
Stephanie Liston, Senior Counsel of Charles Russell and author of the GSR discussion paper on “The Cloud: data protection and privacy: whose cloud is it anyway?”, said that the challenge is to protect the legitimate right to privacy without losing the opportunities that cloud services and technology provide. Countries have developed different approaches to privacy and data protection, ranging from no legislation (as in Brazil) to detailed regulatory frameworks (as in the European Union).
The current framework is outdated, because regulation should not prohibit the transborder flow of data. It is not clear which law applies to transborder data flows, so consumers do not know which jurisdiction they should turn to.
Kalamullah Ramli, Adviser to Indonesia’s Minister of ICT for Technology, Indonesia, explained that in Indonesia cloud computing is dealt with in the same way as the transport sector: the service provider is responsible for the safety and protection of consumer data.
Participants pointed out that privacy regulation is being considered at national level, but within a decade a global response will be needed so that all citizens of the world have the same level of data protection.
Dr Hoballah concluded that regulators must strike a balance between the free flow of information and meeting the security concerns that users have about cloud computing.