With the Safe Harbour agreement now in place, BCS – the Chartered Institute for IT leads the discussion about how the new change will affect global businesses.
Data: Businesses Need to Change their Tune
Every digital business needs to fundamentally rethink its attitude towards personal data, following last month’s ruling by the European Court of Justice on the Schrems case which challenged the legality of the Safe Harbour agreement allowing US corporations to transfer European data to the US.
David Evans, Director of Policy, says: “Doing business online is synonymous with doing so internationally, and as an industry we’ve treated personal data like any other corporate asset, retrofitting the legal environment to enable that. This ruling needs to be understood in a broader context, as a signal of how fundamentally we need to operate differently.”
Difficulties for Cloud Services?
At this point, it will not be clear how many organisations moving personal data across US/EU borders will be able to immediately comply with this ruling, as infrastructure may be fundamentally designed to ignore these boundaries. This could cause a wide array of cloud service providers to have to re-engineer their core systems in a fundamental way, or at the very least to invest heavily in EU-based data centres.
Personal Data: People Have the Power
David continues: “PRISM and Snowden may appear to be the story, but what is more fundamental is that we’ve failed to design our personal data ecosystem around the people who have the biggest stake in that data: the subject. Lawmakers and corporations have been struggling in a tug-of-war for control over this issue, but what’s needed is a revolution in how we deal with personal data.
“People should have individual control over their data, with an industry there to enable that control, just as the banking sector empowers us to hold and transact our money. If the technology sector operated this way, then infrastructure would be designed very differently and we wouldn’t be facing this issue. And this issue is only the first to come.”
National Security Need Access
BCS recognises the importance of governments protecting the interests of their citizens; national security organisations need to have lawful covert access to data.
David adds: “It is important that these agencies are empowered not only by freedom to carry out their mission, but also given clear limitations and oversight that protect them from criticisms either for use of unclear powers or a failure to do so.”
How do you think Safe Harbour will affect the way in which we do business? Visit p. 27 of our 2015 Professional Body Sector Review to get advice on ethical data handling from the Market Research Society.