Informational Self Determination in Cloud Computing. Data Transmission and Privacy with Subcontractors (PDF)

Master's Thesis from the year 2015 in the subject Law - European and International Law, Intellectual Properties, grade: 95,5, Centre International de Formation Européenne - Nice (CIFE European Online Academy), course: European Law - Informational Self Determination in Cloud Computing -- Data Transmission and Privacy with Subcontractors, language: English, abstract: The paper analyses the constraints of the current European directive on data protection regarding the free and active exercise of the right to informational self-determination in cloud computing with subcontractor chains.
The analysis focuses in particular on the personal and geographical scope of the protection of personal data, on the legitimation of data processing under the aspect of data transmission into secure and unsecure third countries with subcontractor involvement. Herein it will be critically analysed whether the options under which it is possible to process personal data, will deliver sufficient privacy security in cloud computing. Furthermore, the paper examines the effectiveness and the consequences of possible legitimation of processing personal data in cloud computing. Also, will be regarded the legitimation options to include subcontractors in complex cloud computing landscapes in secure and unsecure third countries. The data subject and the cloud user position and chances to execute their rights of informational self-determination in distributed cloud computing landscapes will be critical looked at.
Based on the multiple challenges that the personal data faces in complex cloud computing landscapes, various improvement potentials addressed to different actors emphasis the necessity to reduce the risk to the data subject¿s informational self-determination in cloud computing.
Finally, the recent regulation on general data protection that was published by the Council on 11th June 2015 will be cross-checked against the identified gaps of the currently existing data protection directive, with an emphasis on the requirements to achieve informational self-determination.