20 December 2013

Cloud Control for SMEs

The European Parliament has given a mixed reception to the European Commission's proposals on "Unleashing the Potential of Cloud Computing in Europe".

In a resolution passed earlier this month, the Parliament noted the positive impact that cloud computing services can have on SMEs, particularly those in more remote locations or facing financial difficulties, allowing businesses to reduce their fixed costs through renting computer power and storage. The Parliament called on the Commission to consider "an appropriate framework allowing SMEs to increase their growth and productivity, as SMEs can benefit from reduced upfront costs and better access to analytics tool" and to communicate the potential of cloud computing to SMEs in particular.

However, the Parliament expressed regret at the approach adopted by the Commission which failed to mention the risks and challenges attached to cloud computing.  For example, set against the benefits of cloud services - eg service fees, monetisation of underutilised and excess computing resources, and economies of scale - the Parliament noted there were also potential competitive disadvantages in that users could be locked into a particular provider.  
In particular, the Parliament identified a lack of remedies for users in the event of breach of a cloud services agreement, and the lack of transparency in such agreements in general.  The Parliament therefore called on the Commission to work together with EU Member States to develop clear and transparent model contracts.  Such contracts it suggested should include key clauses guaranteeing the quality of the service, for example obligations to update software and hardware where necessary, to determine what happens if data is lost, and to determine the time it would take to resolve a problem, or how rapidly the cloud service could take down offending materials on request.

The Parliament stressed that cloud service agreements should set out, in a clear and transparent manner, the duties and rights of the parties concerning data processing activities by cloud providers (in particular having regard to the recent revelations regarding the US PRISM surveillance programme).  

It urged the Commission to come forward with proposals to ensure protection against arbitrary cancellation of services and deletion of data, guarantee a reasonable chance for customers to recover stored data in cases of cancellation of service and/or removal of data, and provide clear guidelines for cloud providers to facilitate the easy migration of their customers to other services.

No comments:

Post a Comment