EU reform sets out to close US cloud data access loophole
An updated European directive has been proposed which would prevent US companies from being forced under US law to give US authorities personal information on European citizens. The issue was exposed earlier in the year when Microsoft and Google said that they had made data stored in their European data centres (which made up their cloud services) available to US authorities.
Now, the European Commission's justice commissioner, Viviane Reding, and German Consumer Protection Minister, Ilse Aigner, have met and discussed plans for a new directive which would revise the current rules which date back to 1995. The statement on the talks noted that "This major modernisation of the rules will have profound effects on how data privacy issues are treated in the European Union and beyond."
Both Reding and Aigner also affirmed their intention to achieve a "robust data protection framework for Europe's internal market". In the joint statement they said that "We both believe that companies who direct their services to European consumers should be subject to EU data protection laws. Otherwise, they should not be able to do business on our internal market". The rules will extend to social networks based outside the EU but with users within the EU. "We have to make sure that they comply with EU law and that EU law is enforced, even if it is based in a third country and even if its data are stored in a 'cloud'" said the Commissioner and Minister. They intend to bring forward the reform proposals by the end of January 2012.