Cloud Investigations by European Data Protection Authorities: An Empirical Account
Vranaki Asma, 'Cloud Investigations by European Data Protection Authorities: An Empirical Account,' in Rothchild John A (ed), Research Handbook on Electronic Commerce Law (Edward Elgar, 2016) 518
25 Pages Posted: 20 May 2015 Last revised: 13 Jan 2017
Date Written: March 31, 2015
This chapter draws on qualitative interviews, documentary analysis and observation data to analyse how European data protection authorities ('EU DPAs') exercise one of their statutory enforcement powers, namely, investigations more frequently to determine the compliance of cloud providers with the relevant data protection laws. The empirical analysis presented in this chapter supports two arguments. Firstly, the investigations of cloud providers by EU DPAs ('Cloud Investigations') are complex regulatory processes that often involve different co-operative relationships between various actors, such as DPAs. In reality, manifold interactions and practices, such as facilitative instruments, are deployed to form and perform such collaborations which are vital in ensuring the consistent application and enforcement of common data protection principles in an increasingly globalised context. Secondly, Cloud Investigations are also dynamic as they can involve continually evolving regulatory enforcement styles and compliance attitudes. Cloud Providers can often resist the attempts of the EU DPAs to direct the investigative process in specific ways. How such resistance is resolved is very much context-dependent.
Keywords: cloud computing, data protection, European data protection authorities, investigations, regulation, socio-legal
Suggested Citation: Suggested Citation