| dc.description.abstract | Cloud computing is a type of technique that can storage and process massive demands of data through the Internet. With its high flexibility and expansibility, cloud computing has soon become popular taste. It has changed the way people store and process data, from local storage into the world of cloud. In order to sustain monumental computing, cloud provider usually deploy several data centers in different countries around the world. This came into the result of transmitting data almost every moment in cloud computing. When personal data being stored or processed in the cloud, it might imperil the privacy of personal data.
EU and some other countries restrict transferring data outside one′s jurisdiction, so as to protect information privacy of data subjects. By contrast, Personal Data Protection Act in our nation adopts a fairly loose principle of allowance. In purpose of finding how to maintain personal data protection in the cloud, this paper sets out four scenarios of cloud computing. The four scenarios are respectively placed under GDPR and Personal Data Protection Act to examine what scenario constitutes data transfer. Restricting data transfer has its own pros and cons, it′s hard to say there exit a perfect law policy that can fit in every country. By analyzing two different cogitations of policy (whether to restrict or not), this paper aims to find the best policy for our nation.
This thesis argues our nation has the urgency to restrict personal data transfer. Recently, some cloud providers start to deploy their data centers in countries where it certainly lacks of data protection and privacy care. If we don′t restrict transferring data outside foreign countries, once the data subject gets hurt by unsafe transfer, he or she can hardly claim one’s rights.
Therefore, in order to protect data subject, this paper suggests to restrict data transfer, and sets several ways for permitting transfer. With EU policy as reference, we can establish a data protection classification list of our nation, and restrict or ban data transmission to countries with low data protection levels. While protecting the individuals’ privacy, the needs of keeping data flow should be taken into account too, this paper proposes several methods that exceptionally allow transfer.
| en_US |