A positive impact of the EU Safe Harbor issue
It’s said that there’s no such thing as bad publicity, and with the recent EU-USA Safe Harbor saga, this is definitely the case. It has got a lot of media attention and has caused a lot or people to panic. However, now that it’s headline news, people are sitting-up and taking notice of where their data actually is.
The speed of technological development is light years ahead of suitable new legislation. Governments and judicial systems are struggling to manage the constantly changing ways in which we communicate, do business and even commit crime. The subject of data jurisdiction was the subject of seminars I hosted back in 2011, when we discussed ‘data location, location, location’, the importance of knowing where your data was.
As an individual, you probably aren’t too concerned about where your data is, as long as you can access it. However, as a company, you must know where your data is.
Wherever you are located, you have a legal responsibility under local data protection law to ensure that your data and that of your clients is stored and processed in an appropriate way. Not only this, but your client agreements and client expectation may dictate where their data is and can be stored.
A company’s CIO is clearly responsible for knowing where data is stored and processed, but data jurisdiction is a serious matter and decisions should be taken by the business, with proper legal and compliance advice.
I have no doubt that the Safe Harbor issue will get resolved. However, right now, the fact that it has hit the mainstream headlines is a good thing, because people are starting to take notice of data jurisdiction and understand its importance.