Regulation and standardization of data protection in cloud computing

Standards are often considered as an alternative form of regulation to legislative rule setting. However, standards also complement legislative acts, supporting their effective implementation and providing precise definitions for sometimes vague legal concepts. As we demonstrate, standards are not mere technical regulations but relate to sensitive political issues. The genesis and contents of ISO/IEC 27018 illustrate the interaction between both forms of regulation in the case of data protection in cloud computing. While the standard has been written with intensive consideration of the legal framework, we argue that the standard could reciprocally influence legal rule-making in the same domain.

[1]  G. M. Peter Swann,et al.  The Economics of Standardization: An Update , 2010 .

[2]  I. Rubinstein Regulating Privacy by Design , 2011 .

[3]  H. Varian,et al.  Conditioning Prices on Purchase History , 2005 .

[4]  I. Brown,et al.  The Economics of Privacy, Data Protection and Surveillance , 2013 .

[5]  Daniel Smihula,et al.  The Waves of the Technological Innovations of the Modern Age and the Present Crisis as the End of the Wave of the Informational Technological Revolution , 2009 .

[6]  Bettina Berendt,et al.  E-privacy in 2nd generation E-commerce: privacy preferences versus actual behavior , 2001, EC '01.

[7]  Ian Walden,et al.  'It's a jungle out there'?: Cloud computing, standards and the law , 2014, Eur. J. Law Technol..

[8]  Curtis R. Taylor,et al.  The Economics of Privacy , 2016 .

[9]  A. Acquisti,et al.  Privacy Costs and Personal Data Protection: Economic and Legal Perspectives , 2009 .

[10]  Alessandro Acquisti,et al.  Is There a Cost to Privacy Breaches? An Event Study , 2006, WEIS.

[11]  K. Ball,et al.  It's a jungle out there! , 1997, Today's surgical nurse.

[12]  Christopher S. Yoo,et al.  Cloud Computing: Architectural and Policy Implications , 2011 .

[13]  Joseph Gray Jackson,et al.  Privacy and Freedom , 1968 .

[14]  Bernhard Debatin,et al.  Facebook and Online Privacy: Attitudes, Behaviors, and Unintended Consequences , 2009, J. Comput. Mediat. Commun..

[15]  Hong Zhao,et al.  Data Security and Privacy Protection Issues in Cloud Computing , 2012, 2012 International Conference on Computer Science and Electronics Engineering.

[16]  C. Bloch,et al.  Oslo Manual - Guidelines for Collecting and Interpreting Innovation Data, 3rd edition: Proposed Guidelines for Collecting and Interpreting Innovation Data , 2005 .