Adopting cloud computing can mean entrusting data to a third-party vendor. For agencies responsible for personally identifiable information or mission-critical applications, this raises a host of privacy concerns, chief among them the issue of data sovereignty and the question of determining appropriate government and commercial uses of private citizens’ data. This section of the site analyzes the risks to privacy associated with cloud adoption and explores ongoing means to mitigate them.

There May Have Been a Breakthrough On the U.S.-EU Privacy Shield Deal

David Meyer, Fortune,  Saturday, June 25, 2016

The officials said the Commission had agreed on “additional clarifications” with the U.S. on American mass surveillance powers, the role of the “ombudsperson” who will adjudicate complaints from EU citizens about their data being abused, and the transfer of EU citizens’ data to other companies.

EU, United States agree on changes to strengthen data transfer pact

Julia Fioretti, Reuters,  Friday, June 24, 2016

The European Union and the United States have agreed changes to a data transfer pact that is key to transatlantic business, including stricter rules for companies holding information on Europeans and clearer limits on U.S. surveillance. The revised EU-U.S. Privacy Shield was sent for review by European member states overnight. They are expected to hold a vote in early July, several EU sources said, at which point it will enter into force.

EU Model Clauses Challenge - America Fights Back

Ian De Freitas, Lexology,  Friday, June 17, 2016

The American Government is seeking to intervene in the challenge brought by privacy activist Max Schrems to the validity of EU Model Clauses – the mechanism that many organisations switched to as a means to allow transatlantic data transfers following the invalidation of Safe Harbor in October 2015. In our blog, Model Clauses under threat - or are they?, we predicted that there would be more of a fight over Model Clauses than occurred with Safe Harbor. The stage now seems set for a debate about the extent of US Surveillance activities and how they compare with European practices and protections.

Data protection groups seek to join key High Court case

Mary Carolan, Irish Times,  Friday, June 17, 2016

Digital Rights Ireland and a US-based civil liberties group want to be joined to a pending data protection case which could have huge international implications, the High Court has heard. The US government earlier this week also secured leave to bring an application to be joined to the High Court action, initiated by Data Protection Commissioner Helen Dixon

Maryland universities to use data to predict student success — or failure

Carrie Wells, The Baltimore Sun,  Monday, June 13, 2016

Officials at the University System of Maryland have begun to analyze student data — grades, financial aid information, demographics, even how often they swipe their ID cards at the library or the dining hall — to find undergraduates who are at risk of dropping out. Law enforcement agencies, political campaigns, retailers and other universities all mine data to help focus their efforts. University system officials say the practice, called predictive analysis, will boost graduation rates by enabling educators to intervene with struggling students before failure becomes inevitable.

Security versus privacy? There's only going to be one winner

Danny Palmer, ZD Net,  Thursday, June 9, 2016

There's no fundamental right to privacy and critics of surveillance legislation must understand that access to private information of citizens is essential to keeping citizens safe, former UK Foreign Secretary William Hague has warned.

Untying the Global Dataflows Mess

Eduardo Ustaran, Lexology,  Wednesday, June 8, 2016

One of Harry Houdini’s most difficult tricks consisted of escaping from a nail-fastened and rope-bound wooden crate with manacles on his hands and feet, while submerged in New York’s East River. That feat is starting to look straightforward when compared to the prospect of lawfully exporting personal data out of the European Union. The restrictions on transfers of data to jurisdictions that do not provide an adequate level of protection have been in place for more than 20 years. And while these restrictions have not prevented the development of the digital economy, judging by this issue’s current direction of travel, we could be facing a situation from which not even the great Houdini could escape.

Attorney Confidentiality, Cybersecurity, and the Cloud

Daniel J. Solove by Daniel Solove, TeachPrivacy
Monday, June 6, 2016

There is a significant degree of confusion and lack of awareness about attorney confidentiality and cybersecurity obligations. This issue is especially acute when it comes to using the cloud to store privileged documents. A common myth is that storing privileged documents in the cloud is a breach of attorney-client confidentiality. In other instances, many attorneys and firms are not paying sufficient attention to their obligation to protect the confidentiality and security of the client data they maintain.

Data Localization Takes Off as Regulation Uncertainty Continues

Stephen Dockery, Wall Street Journal,  Monday, June 6, 2016

Companies are putting the pedal to the floor to get data stored in European countries as the information environment becomes complicated by a new privacy law and threatened by the possible failure of a U.S.-EU data transfer agreement. Data center operations have been booming for years, but there’s a new urgency in setting them up.

Opinion: Is your data really safer in Europe?

Kenneth Bamberger and Deirdre K. Mulligan, Christian Science Monitor,  Monday, June 6, 2016

Focusing only on the US would indulge two widespread fallacies about the relative levels of privacy protection in the US and the EU. Action based on these flawed ideas will increase rather than decrease the risks to personal privacy.