What are the options for secure data storage, following the European Court’s Ruling on Safe Harbour?

For Secure Data Storage, any Port in a Storm simply won’t do.  

Praise in the UK for a European Court Ruling – we’re not used to that.

Currently, in the UK, it’s difficult to avoid the growing tide of anti-EU sentiment, which is only likely to continue to increase in the build up to the UK’s referendum on membership in 2017. However, before you become enmeshed in the lobbyists’ nets, often woven together around an argument that we shouldn’t be subjected to laws handed down from Brussels, (or, in this case Luxembourg), consider this:

The European Court of Justice (ECJ) has recently come out with a ruling that, according to US whistle blower Edward Snowden, could “change the world for the better” and that most certainly ought to have a positive effect on the way that UK Businesses store their own and their clients’ data.

 Secure Data storage is of paramount importance – it has to be safe.

In brief, the ruling of the European Court was that electronic data stored in the USA, under the terms of an agreement called “Safe Harbour”, was insufficiently protected and that the operation of Safe Harbour failed to match the level of data protection required under European Law.

The specifics of the case surrounded the sharing of data by Facebook with the US National Security Agency (NSA), the former, allegedly, permitting the latter to effectively snoop on clients’ data held in its records. The long and the short of the ruling was that Safe Harbour isn’t safe at all and can therefore no longer be relied upon.

Reports on reactions from large, US based internet businesses, who have an awful lot of UK customer’s data stored up, suggest that they won’t necessarily move operations to Europe – where data storage centres would then necessarily fall within the ambit of the more rigorous EU laws - but might instead seek to replace or re-invent the provisions of Safe Harbour, or, alternatively, look to rely on individual contractual agreements with customers that essentially accept that data handed over and stored in the US is then managed and secured under US legislation. Others have, however announced plans to build secure Data Storage Centres in the EU.

 Fully Understanding this ruling is important for all the Small Fish caught up in its net.

The ruling represents something of a tidal shift in trans-Atlantic Internet business relations, but are you left feeling all at sea? Do legal decisions made in Luxembourg seem too remote to engage you? Well, let’s put what’s happened in to perspective…and try to offer you some shelter from the storm.

Sticking with the maritime metaphor, imagine you are a small scale trawler man, fishing for a catch out at sea, day in and day out – and that’s the way you earn a living.

You work out of a home port that’s convenient for you, easily accessed and cost efficient, and where you have consistently landed your catch for a number of years. Once offloaded from your boat, that catch is stored on your behalf, by an independent agency, managed by the Port authorities, whom you trust to ensure that your stock of fish is safe. The work of the Port authorities is overseen by a National body or agency, but you’ve never perceived that as a threat. Everything on shore seems well run and supportive of your endeavours out at sea.

One day you learn that the Port authorities have been allowing the National body that oversees its work to remove significant quantities of your stock from the storage facility, because, apparently there are concerns about where the fish you’ve landed have been caught and whether quotas were being observed. No one had sought permission from you for this – which is ironic as, having no particular argument against close scrutiny of your work, you may well have agreed to assist as fully as possible. No, it is rather the undisclosed and underhand removal of your fish from your store that is the issue. When this becomes public knowledge the upshot is that your customers are now saying they might terminate contracts and buy elsewhere, not because they don’t trust you, but because they can’t be sure what’s going on at the storage facility, or who is in charge of the fish they have on order that is kept there. This potential knock on effect is well worth keeping in mind. The security violation affects you and your customers!

It appears you are at the mercy of others and those others appear to have unlimited access to and are happy to share your stock with undisclosed third parties, whenever they see fit. As a consequence, thought through no fault of your own, your reputation in the industry is very much at risk.

What are the options: to call on expensive lawyers to fight your corner; to negotiate with the Port authorities for better arrangements, or to just sit things out and wait and see what happens down the line? None seem viable and none solve the immediate problem of reassuring your clients that your business practices are sound.

What you need is better, more secure protection for the fish! Perhaps even your own lock on the harbour stores, so no one else can get in without your permission. Essentially, that’s what the European Court Ruling is saying – better protection should be the norm. Fish, or Data, stored in the USA under Safe Harbour is a rotten deal for you and could leave a nasty smell in the air.

 Keynote recommendations – Any Port in a Storm simply won’t do.

Following the European Court’s Ruling on Safe Harbour, what should a UK based SME be now doing.

If you currently back-up your data to DropBox, which stores data in the USA and initially responded to the ruling by saying it has no immediate plans to establish EU based facilities, or to any other US based facility, perhaps it’s time to reconsider your options.

A keynote recommendation, which fully supports the more stringent European model for data protection is that saved, stored data should be encrypted so that only its owner can obtain immediate, automatic access to it.

Proficient Systems Ltd provides a Cloud back-up data storage option with its own secure server equipment with no shared rackspace in someone else's large building, our servers are located in the Wales in secure buildings, with its own back-up facilities elsewhere in the UK.

 We ensure our Cloud based Back-Up data storage services protect your information and put you in charge, at all times,  of who gets to see your records. It’s an affordable option and it’s available now. Following the European Court’s ruling on Safe Harbour we invite you to bring your ship in from the storm that’s raging and, by anchoring your business to a rock solid proposition, keep your data protected as safely and securely as possible.