Abstract
This paper assesses the effectiveness of the EU data protection reform for EU residents' privacy in the cloud. It starts off by examining the potential threats of forum shopping for Binding Corporate Rules (BCRs) and discusses the ongoing challenges for enforcing BCRs for processors in cloud services. It also covers the insufficient protection of EU data against foreign surveillance. It proposes ways of eliminating those threats by considering cloud services ‘risky activities’ for both controller and processor as per the Privacy Risk Assessment obligation present in the General Data Protection Regulation (GDPR). Offering a solution to the challenges so identified, the author refers to international soft law and the ongoing debate on its applicability to private enterprises, summarized within the UN ‘Protect, Respect and Remedy’ Framework. Comprehensive privacy-enhancing policies, rather than stricter data protections laws, are crucial to effective data protection in the EU in the age of global cloud computing. The shortcomings of the GDPR, in particular relating to foreign authorities accessing EU data, may be effectively resolved by a flexible combination of legal and extra-legal tools.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
