The General Data Protection Regulation poised to disrupt cloud computing

padlock sign on cloud

philip piletic

Guest blog: Philip Piletic
My primary focus is a fusion of technology, small business and marketing. I’m a freelancer, writer and traveller who loves to share his experiences with others by contributing to online communities and helping others achieve success. 

Most people may not know much about the EU’s General Data Protection Regulation (GDPR) – or, like some, never even heard of it until now. What you need to know is that no matter where you live in the world the GDPR will affect a lot of industries. Whether you are an SMB operating in the United States or somewhere else, it’s going to affect your customer base in Europe and the UK. This is going to totally shake the cloud computing industry all the way to its core.

Let’s explore some of the ramifications of the GDPR in the cloud computing industry.

Of course, the cost of cloud computing will rise

For the time being, we have this general expectation about the costs of cloud computing. Most cloud computing companies offer a certain amount of free storage with the option to upgrade (Google offers 15GB of free storage, for example). This will begin to change as these companies are faced with more challenges when the GDPR takes effect.

Possible fines as high as $100 million or more will have a lot of cloud computing companies walking a very thin line. Such exorbitant penalties could literally destroy a lot of smaller cloud computing companies. And even for companies like Google, facing a $100 million fine will cause them to rethink how they offer cloud computing services to the European-based consumers. These companies have no other choice other than to raise their rates in order to absorb the extra costs and not suffer too much.

The rules will have to be rewritten

Some may find it good news that one of the things the GDPR is changing is “the right to be forgotten.” This means once you delete something it must be totally erased from the cloud system. At the moment, 63 percent of cloud system providers store data indefinitely, which has risen privacy concerns as of recent. These companies often wouldn’t mention it within their terms and conditions, primarily because, for them, it was never a concern.

And before you complain about what the EU is doing with its GDPR, I want you to think about this: Google essentially owns all the rights to anything you upload to cloud. Yup, you read that correctly. In their own terms and services agreement, they state clearly as such.

Here is the section that is of importance, with the controversial parts in bold:

“When you upload or otherwise submit content to our Services, you give Google (and those we work with) a worldwide license to use, host, store, reproduce, modify, create derivative works (such as those resulting from translations, adaptations or other changes we make so that your content works better with our Services), communicate, publish, publicly perform, publicly display and distribute such content. The rights you grant in this license are for the limited purpose of operating, promoting, and improving our Services, and to develop new ones.”

For many cloud providers who want to avoid getting hit with a hefty fine, they are going to have to totally start from zero and rewrite their terms and conditions.

Improving cloud security against attacks

With the recent hacker attacks done by North Korea using ransomware on a number of organizations and cloud services, security has become a big issue globally, from the Unites States to Africa to the EU. North Korea isn’t the only threat either. Terrorist organizations are beginning to get into the business of hacking as well. These threats from malicious criminals have created a serious need to revamp cloud computing security protocols like never before.

For those companies that have already been established for a while, they will find this change much more complex and time-consuming. But for those future startups looking to get into the cloud computing business, hopefully, they will find the task easier.

Less frivolously stored data

The cloud computing industry is no different than any other internet based industry in the world. As mentioned above, a part of their business model is sharing data with third parties (how big of a portion we may never know). With 44 percent of B2C marketers using big data and analytics to improve responsiveness to 36 percent actively using analytics and data mining, no wonder I keep hearing Rockwell’s Somebody’s Watching Me as I am surfing the web.

The only way to avoid trouble from the EU’s GDPR is by only collecting data that is essential or deemed “absolutely necessary.” Less data collecting translates to more ease of operation on the part of cloud computing companies. They should be happy about that.

Usher in the era of blockchain

As popular as the Bitcoin has become, I am totally surprised to find how many people fail to know what it is when asked. It’s only the most revolutionary, secure data storage technology in the world. It has been disrupting the financial industry for a few years or more now. Even the medical and insurance industries are beginning to adopt blockchain because of the safety it provides their clients.

Blockchain works by decentralising the data system, leaving every user in complete control of their own identity and data. They can also decide when and who accesses their data. Since the entire idea behind GDPR is about protecting user’s privacy, blockchain is poised to take over the game.

So, when does all this change take place?

The scheduled date for GDPR to take effect is on May 25, 2018. That gives cloud providers less than a year to get everything in order. If you want to keep your eye on how things are progressing, just follow this link to stay up-to-date.