Compliance with basic data protection principles in cloud computing: the aspect of contractual relations with end-users

Abstract

The aim of this article is to analyse the compliance with basic data protection principles in selected consumer oriented cloud computing contracts, and also to highlight the adequate level of data protection in the mentioned contracts. In order to achieve the goal, the authors introduced the concept of the cloud computing, reviewed the features and functions of cloud computing , also considered the advantages and disadvantages of the cloud computing (from end-user perspective). Mitigating the main risks in cloud environment, the significant moment of compliance with data protection principles in end-users' contracts was identified. Authors presented main data protection principles, established in the current data protection legal framework, also in the EU draft of general data protection regulation. In addition, the authors executed the case study on selected consumer focused cloud computing service contracts analysing the particular cases on compliance with main data protection principles in cloud computing service contracts. While achieving the adequate level of data protection, the compliance with main data protection principles shall be ensured. The case study revealed the implementation of theoretical data protection principles in the reality. Even if the majority of the data protection principles are established in the contracts with the cloud end-users, exist plenty of differences in the provisions of privacy policies, which may significantly influence the behaviour of the end-users.