Sir, – The Irish Times reports regularly on the progress of cloud computing and on the concerns of European business leaders regarding data security in the cloud. It has been noted recently ( IET Engineering & Technology magazine and New Scientist ) that laws passed in 2008 in the United States permit the US government to access at any time, without prior notice or permission, information stored by non-US organisations or individuals on services such as cloud computing run by US organisations.
Given that Irish government agencies and commercial organisations such as banks are now considering turning to cloud computing, and that cloud computing services are offered by US companies operating in Ireland, I am concerned that people’s personal data such as medical records, tax records, and bank details, may not be adequately protected from third parties if stored in this way.
It is vital that any procurement process for cloud computing services where personal information will be stored adequately addresses this issue, and that all such storage is overseen by the Data Protection Commissioner.
Personal information, once it leaves an in-house computer storage system is all too easily available to those for whom it was not intended. But do we at present even have any rights to know how and where our personal details are being stored by the organisations that collect them? – Yours, etc,
Dr RACHEL CAVE,
Knocknacarra Park,
Galway.