13 Amendments of Judith SARGENTINI related to 2013/2063(INI)
Amendment 1 #
Draft opinion
Paragraph 1
Paragraph 1
1. Reiterates that notwithstanding the potential and benefits of ‘cloud computing’ for businesses, citizens and the public sector, it entails significant risks and challenges, particularly for fundamental rights and by increasing impact in case of disruptions, whether they are caused by malfunction, malpractice, criminal action, or in case of hostile action by another country;
Amendment 9 #
Draft opinion
Paragraph 2
Paragraph 2
2. Stresses that EU data protection law fully applies to cloud computing services operating in the EU and thus must be fully respectedmust be respected; considers that not all sensitive data are personal data and urges the Commission to propose guidelines to protect non- personal sensitive data in a cloud context, particularly in the case of government data and of data from organizations such as banks, insurance companies, pension funds schools and hospitals;
Amendment 13 #
Draft opinion
Paragraph 2 a (new)
Paragraph 2 a (new)
2a. Recalls that, where a cloud provider uses the data for a purpose other than the purpose agreed on the service agreement, or communicates them or uses them in a way contrary to the terms of the contract, he should be considered data controller and should be held liable for the infringements and breaches incurred;
Amendment 14 #
Draft opinion
Paragraph 3
Paragraph 3
3. Stresses that cloud services agreements must set out the duties and rights of the parties concerning data processing activities by cloud providers, on a basis of respect for EU data protection law; urges the Commission to come forward with proposals to restore the balance between cloud service providers and their customers as regards the terms and conditions used by cloud services, including: 1. provisions ensuring protection against arbitrary cancellation of services and deletion of data; 2. guaranteeing a reasonable chance for the customer to recover stored data in case of cancellation of service and/ or removal of data; 3. providing clear guidelines for the cloud providers to facilitate the easy migration of their customers to other services;
Amendment 16 #
Draft opinion
Paragraph 3
Paragraph 3
3. Stresses that cloud services agreements must set out the duties and rights of the parties concerning data processing activities by cloud providers, on a basis of respect for EU data protection law; recommends that full account be taken of Article 29 of the Working Party Opinion on cloud computing1; __________________ 1 WP 196, available at: http://ec.europa.eu/justice/data- protection/article- 29/documentation/opinion- recommendation/files/2012/wp196_en.pdf
Amendment 18 #
Draft opinion
Paragraph 3 a (new)
Paragraph 3 a (new)
3a. Highlights that particular attention must be given to those situations where the imbalance in the contractual situation between the customer and the cloud provider leads the customer to enter into contractual arrangements imposing standard services and contract to be signed, in which the provider defines the purposes, conditions, means of the processing1; in such circumstances, the cloud provider shall be considered "data controller" and becomes jointly liable with the customer; __________________ 1 Particularly in the case of consumers and SMEs using cloud services.
Amendment 19 #
Draft opinion
Paragraph 4
Paragraph 4
4. Stresses that the use of cloud services by public authorities requires special consideration; emphasises that data integrity and security must be guaranteed and unauthorised access, including by foreign governments, prevented; stresses that this also applies to specific processing activities by certainsome non- governmental services, such as banks, insurance companies, schools and hospitals; urges the Commission to propose guidelines for these organisations to follow when using cloud services to process, transmit or store their data, including the adoption of open standards to prevent vendor lock-in and a preference for open source software to improve transparency and accountability of the services used;
Amendment 24 #
Draft opinion
Paragraph 4
Paragraph 4
4. Stresses that the use of cloud services by public authorities requires special consideration; emphasises that data integrity and security must be guaranteed and unauthorised access, including by foreign governments, prevented; stresses that this also applies to specific processing activities by certain non-governmental services such as banks, insurance companies, schools and hospitals; reiterates and expresses its serious concerns about the compulsory direct disclosure of EU personal data and information processed under cloud agreements to third country authorities by cloud providers subject to third country laws or using storage servers located in third countries1; regrets that this access is usually made by means of the direct enforcement of legal rules by third countries authorities without making use of international instruments established for legal cooperation such as MLA or judicial cooperation; regrets that, despite its constant calls, neither the European Commission nor the Council have taken measures to solve this situation and ensure the respect of the fundamental rights of EU citizens; __________________ 1 Study on fighting cyber crime.
Amendment 25 #
Draft opinion
Paragraph 4 a (new)
Paragraph 4 a (new)
4a. Urges the Commission to extend current regulation of critical infrastructures to include those cloud services which, in case of disruptions, might have a disruptive impact on society, while guaranteeing the protection of personal and other sensitive data;
Amendment 29 #
Draft opinion
Paragraph 4 a (new)
Paragraph 4 a (new)
4a. Stresses its serious concerns about the works conducted within the Council of Europe by the Cybercrime Convention Committee with a view to developing a Guidance on the interpretation of the Article 32 of the Convention on Cybercrime of 23 November 2001 on "transborder access to stored computer data which consent or where publicly available"1in order to "facilitate its effective use of and implementation in the light of legal, policy and technological developments"; calls on the Commission [and Member States] to actively take part in the works to ensure that any interpretation adopted respects the EU Charter of Fundamental Rights, which is legally binding; __________________ 1 http://www.coe.int/t/dghl/cooperation/eco nomiccrime/Source/Cybercrime/TCY/TCY %202013/T CY(2013)14transb_elements_protocol_V2. pdf http://www.coe.int/t/DGHL/cooperation/e conomiccrime/cybercrime/default_en.asp
Amendment 31 #
Draft opinion
Paragraph 4 b (new)
Paragraph 4 b (new)
4b. Urges the Commission to stimulate the development of cloud computing platforms suited for users from countries with oppressive regimes, to allow them to express their opinion and access information freely and without fear of reprisals;
Amendment 41 #
Draft opinion
Paragraph 5 – introductory part
Paragraph 5 – introductory part
5. Urges the Commission to put forwardcontinue its work on cloud computing, by developing a more holistic cCommunication on cloud computing, taking into account the interests of all stakeholders, and that containings at least the following:
Amendment 49 #
Draft opinion
Paragraph 5 – indent 3
Paragraph 5 – indent 3
– safeguards against illegal access by foreign and domestic entities, for instance by amending procurement requirements and applying Council Regulation (EC) No 2271/961 to counteract foreign laws that might result in massive illegal transfers of the cloud data of EU citizens and residents;