In recent times with the advent of GDPR the long standing concern over individual rights and privacy have manifested into public awareness. The fight for tax revenues generated by foreign search engine and advertising services raise the question of jurisdictional control over the “cloud”. Business entities that span sovereign frontiers are nothing new, but does the Cloud have a frontier?
This question of control or regulatory rights over the “Cloud” has become central to the business question of who actually is controlling whom. Where does the border start and stop and who actually has the jurisdictional rights to regulate that?
How does regulated industry remain compliant in the Cloud?
Regulated Industries find themselves in a very precarious dilemma between leveraging the economic benefits of the Cloud, but also retaining security and control over their data. Often times a bank can have millions of clients; providing them with access to self-care web applications that contain personal information. Yet these clients can be physically in different jurisdictions from where that personal data is stored. How is that data controlled? Where is the data preserved and/or distributed into the Cloud for redundancies?
Unified Communications has quickly become a monopolistic reality; pulling global organizations into the jurisdictional control often times by American regulation. Regulated corporations are required to protect confidential information, quite frequently embedded in email messages. For these industries they find privacy at the top of the concerns for the organization as they adopt Cloud technologies.
European leaders are using foreign products to communicate “securely”!
It is rare to find a person across Europe without a consumer messaging application on their mobile device. More troubling is those that are working within a regulated industry. These consumer services are typically paid for by data collection, tracking or “selling” your information to publicity partners. The choices to move from a “free” texting application to one that is based in Europe and controlled under the jurisdictional laws of Europe are finite and nascent at best.
It is a not too small a secret that many of our leaders in Europe (all the way to the presidential palace) are using mobile chat applications from American, Chinese, or Russian developers. This is the dilemma dropped into the month of Cybersecurity for regulated industries in Europe. The choices are often few and comfort levels with free consumer applications are a scary reality when security is considered for European organizations.
Whom then is in control of the “Cloud” and how can we provide an offramp to a European Cloud based system and technologies?
As State security services move into the private sector domain to gain access to data or “traces” of illicit data points, these actions often times are seen as trampling on rights once considered foundational personal rights. “Why would anything be hidden if it is legal??” some would argue. While the opposite of that is….do we not remember when security forces were opening up the post mail, or tapping phones or rummaging through trash cans; all without permission….??
Clearly balancing the ability of law enforcement to do their jobs to protect us while also allowing the public to have rights is tricky if not an endless debate. Some would argue there must be a “key” to gain access to systems that are ever increasingly secure (encrypted). But do not these very “back door” access methods open the door to abuse?
With change comes opportunity
Nevertheless, no matter which way the scale tilts for you, the regulated industry in Europe has opportunities for managed services providers. Specialized providers that can manage applications and secure data within the juridiction are valuable. Unified Communications in a private cloud under European law has strong potential as regulators view cybercrime growth.
At CommuniGate Systems we find ourselves right on the balance between the industries we serve and the regulators that approve our products. Learn how we can help you find a place in the cloud by staying in Europe. Our services remain within our Luxembourg data center with License origination being European at all times.