IP, Technology & Data

On the train* and I’ve just read this story on the BBC website, which reports on calls from Microsoft for data storage rules to be harmonised across the world.

Microsoft’s argument is that operators of worldwide online services such as email and social networking sites tend, for obvious economic reasons, to cluster their data in a couple of data centres around the world and, for operational reasons, will often tend to want to bounce data from one data centre to another, regardless of where the end user is.

However, the rules that apply to data storage and retention vary from country to country – both at the customer/user level (eg data protection legislation) and the wider corporate/regulatory level (eg accounting and audit rules). In other words, the laws in some countries are stricter than others, and all that different red tape makes things more complicated for operators of snazzy Web 2.0 services.

Facebook’s recent experiences in Canada also show that even a single country can sometimes demand that global service providers follow that country’s rules.

So what is the answer? I suspect that the European Commission’s view is that the rest of the world should step up to the data protection and privacy rules that apply in Europe. Indeed, the effect of EU data protection legislation is such that those offering a service to consumers in Europe already have to do that if they wish to store data outside the EEA. Certainly, I can’t see the EU accepting a lower global standard than that set out in the Data Protection Directive.

For that reason, I’m not sure that globally harmonised data retention and privacy rules are achievable – at least in the short term. But perhaps the lobbying might of Microsoft, IBM, Yahoo! et al will prove me wrong.

*typing this on my iPod Touch using Safari and the courtesy wifi. As a proof of concept it works (even inserting the links), but it’s a bit fiddly to do regularly. Next time I’ll try the WordPress app.

Follow me

Martin Sloan

Partner at Brodies LLP
Martin is a partner in Brodies Technology, Information and Outsourcing group and has wide experience of advising clients on technology procurement and IT and business process outsourcing projects. Martin also advises on data protection (including the GDPR), and general technology and intellectual property law, and has a particular interest in the laws applying to social media and new technology such as mobile apps, contactless/mobile payments, and smart metering.
Follow me