Research pick: Privacy in the cloud - "Legal issues of consumer privacy protection in the cloud computing environment: analytic study in GDPR, and USA legislations"

Data privacy issues have come to the fore in the world of cloud computing and there has been something of a backlash against this burgeoning area in some quarters. However, there are many individuals and organisations that rely on it on a daily basis. Unfortunately, the laws around data privacy in cloud computing have not kept apace with the technology and are often unclear and contradictory. This problem needs to be addressed urgently according to researchers writing in the International Journal of Cloud Computing.

Alaeldin Alkhasawneh of the Department of Private Law at Yarmouk University in Jordan and also the Department of Private Law at UAEU University in Abu Dhabi, United Arab Emirates, and Fawaz A. Khasawneh of the Department of Software Engineering and IT at the University of Quebec, Montreal, Canada, have explored the laws surrounding data privacy in cloud computing and identified several gaps in the legislation. The team offers several proposals as to how the laws might be improved to create a better experience and service for cloud consumers as well as increased protection for personal, sensitive, and private data.

Cloud computing is an essential service provided by many companies and used by many more. It offers various benefits to users by providing storage and computing services through remote servers rather than the user having to have their own on-site systems. There are costs, but the benefits of often distributed systems means that users within a multinational organisation can access those services anywhere in the world rather than overburdening a single-site server. Users of cloud computing might be private individual, small and medium-sized enterprises, governments and non-governmental organisations, as well as large companies and international corporate entities.

The team suggests that fundamentally cloud computing service providers should be required by law to take greater responsibility for the protection of their users’ data. The team also suggests that the various local and regional laws need to work in concert to avoid contradictions and to allow cloud computing thrive without compromising the protections the various laws offer users.

Alkhasawneh, A. and Khasawneh, F.A. (2023) ‘Legal issues of consumer privacy protection in the cloud computing environment: analytic study in GDPR, and USA legislations’, Int. J. Cloud Computing, Vol. 12, No. 1, pp.40–62.