Guidance Software calls for rethink on data protection rules

Inspection

Data protection laws that prevent people from storing data in overseas clouds could be inhibiting enterprise business growth.

That's the view of Sam Maccherola, general manager for EMEA at data forensics vendor Guidance Software, who has called on European lawmakers to overhaul the rules governing where people can store their data.

"Europe is such a small, condensed area and you've got the globalisation of organisations taking place, but moving data from country-to-country is problematic...and I think it's almost an impediment to cloud [growth] in Europe," he told IT Pro.

"Unless the EU changes something in terms of data privacy and the regulation surrounding it, it will continue to be an impediment to business growth."

Maccherola also took aim at the fines handed out by data protection regulators, claiming they need to be drastically stepped up or corporations will continue to flout the rules.

For example, despite ever-tightening data protection laws governing how people's data can be processed and stored, the punishments companies face for failing to follow them are not keeping pace.

"I don't understand the rationale behind all these strict data regulations [if they are not being backed] by real fines, because there are no real ramifications if a [company's] data is stolen," said Maccherola.

"Until corporations have to disclose [that a data breach] has taken place, and the fines remain somewhat nominal, they won't understand the risks associated with losing data and things won't change."

This could potentially be rectified if the European Commission's draft General Data Protection Regulation proposals get the go ahead.

This aims to update the Commission's data protection legislation so that it takes into account the impact of globalisation and newer technology trends, such as cloud computing.

It is also designed to replace numerous other pieces of legislation with a single document.

"Without a doubt, that [sizeable fines] is the missing component because the rationale behind [data protection regulations] makes great sense, but corporations are not taking responsibility because they don't have to," he added.

Caroline Donnelly is the news and analysis editor of IT Pro and its sister site Cloud Pro, and covers general news, as well as the storage, security, public sector, cloud and Microsoft beats. Caroline has been a member of the IT Pro/Cloud Pro team since March 2012, and has previously worked as a reporter at several B2B publications, including UK channel magazine CRN, and as features writer for local weekly newspaper, The Slough and Windsor Observer. She studied Medical Biochemistry at the University of Leicester and completed a Postgraduate Diploma in Magazine Journalism at PMA Training in 2006.