Guidance Software calls for rethink on data protection rules
Forensics software company claims rules governing where data can be stored could impede enterprise business growth.
Data protection laws that prevent people from storing data in overseas clouds could be inhibiting enterprise business growth.
That's the view of Sam Maccherola, general manager for EMEA at data forensics vendor Guidance Software, who has called on European lawmakers to overhaul the rules governing where people can store their data.
"Europe is such a small, condensed area and you've got the globalisation of organisations taking place, but moving data from country-to-country is problematic...and I think it's almost an impediment to cloud [growth] in Europe," he told IT Pro.
"Unless the EU changes something in terms of data privacy and the regulation surrounding it, it will continue to be an impediment to business growth."
Maccherola also took aim at the fines handed out by data protection regulators, claiming they need to be drastically stepped up or corporations will continue to flout the rules.
For example, despite ever-tightening data protection laws governing how people's data can be processed and stored, the punishments companies face for failing to follow them are not keeping pace.
"I don't understand the rationale behind all these strict data regulations [if they are not being backed] by real fines, because there are no real ramifications if a [company's] data is stolen," said Maccherola.
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.
"Until corporations have to disclose [that a data breach] has taken place, and the fines remain somewhat nominal, they won't understand the risks associated with losing data and things won't change."
This could potentially be rectified if the European Commission's draft General Data Protection Regulation proposals get the go ahead.
This aims to update the Commission's data protection legislation so that it takes into account the impact of globalisation and newer technology trends, such as cloud computing.
It is also designed to replace numerous other pieces of legislation with a single document.
"Without a doubt, that [sizeable fines] is the missing component because the rationale behind [data protection regulations] makes great sense, but corporations are not taking responsibility because they don't have to," he added.