In de nieuwsbrief van deze maand meldt de CC BE dat zij hebben meegedaan aan de EU-consultatie over cloud computing, zie onderstaand bericht.
On 9 September, the CC BE adopted a response regarding the European Commission Public Consultation on Cloud Computing. Instead of responding to the specific set of questions, the CC BE drew the Commission’s attention to a number of more general issues and points of concern from the legal profession’s point of view.
Despite its benefits, cloud computing also entails major risks for lawyers, which are mostly related to the security of client information. Lawyers have professional obligations with respect to managing their clients’ information. These obligations include the need to preserve confidential and privileged information, and also the requirement to comply with data protection legislation. In addition to these obligations, lawyers are subject to the regulatory authority of their respective Bar or Law Society. When a lawyer uses cloud computing his or her ability to comply with these obligations may be affected.
At the moment, the CC BE is developing a set of guidelines for lawyers about how to avoid risks related to cloud computing. However, the CC BE believes that a major responsibility also rests on the shoulders of the EU and, therefore, urges the European Commission to take into account the following guidelines in its work on a European Cloud Computing Strategy:
• to guarantee absolute protection for legal professional privilege as a safeguard for citizens’ right to privacy.
• to ensure the maximum level of data protection;
• to take into account the specific situation of lawyers by considering their stringent deontological and legal rules;
• to engage in negotiating binding international agreements with non-EU states so as to increase internationally the extent of the protection of personal data;
• to ensure that EU data protection rules can be effectively enforced and that third country legislation does not take precedence over EU legislation;
• to develop model terms and conditions that could be incorporated into agreements between cloud computing providers and their clients;
• to urge cloud computing service providers to adhere to the maximum level of technological security requirements.