The interplay between big data and cloud computing is at the same time undoubtedly promising, challenging and puzzling. The current technological landscape is not without paradoxes and risks, which under certain circumstances may raise liability issues for market operators. In this article we illustrate the several challenges in terms of security and resilience that market operators face as their overcoming is of strategic importance for businesses wishing to be deemed privacy-respectful and reliable market actors. After a brief overview of the potentialities and drawbacks deriving from the combination of big data and cloud computing, this article illustrates the challenges and the obligations imposed by the European institutions on providers processing personal data – pursuant to the General Data Protection Regulation – and on providers of digital services and essential services – according to the NIS Directive. We also survey the European institutions’ push towards the development and adoption of codes of conduct, standards and certificates, as well as their last proposal for a new Cybersecurity Act. We conclude by showing that, despite this articulate framework, big data and cloud service providers still leverage on their strong market power to use “contractual shields” and escape liability.
Cybersecurity and liability in a big data world
Montagnani, Maria Lillà;
2018
Abstract
The interplay between big data and cloud computing is at the same time undoubtedly promising, challenging and puzzling. The current technological landscape is not without paradoxes and risks, which under certain circumstances may raise liability issues for market operators. In this article we illustrate the several challenges in terms of security and resilience that market operators face as their overcoming is of strategic importance for businesses wishing to be deemed privacy-respectful and reliable market actors. After a brief overview of the potentialities and drawbacks deriving from the combination of big data and cloud computing, this article illustrates the challenges and the obligations imposed by the European institutions on providers processing personal data – pursuant to the General Data Protection Regulation – and on providers of digital services and essential services – according to the NIS Directive. We also survey the European institutions’ push towards the development and adoption of codes of conduct, standards and certificates, as well as their last proposal for a new Cybersecurity Act. We conclude by showing that, despite this articulate framework, big data and cloud service providers still leverage on their strong market power to use “contractual shields” and escape liability.
| File | Dimensione | Formato | |
|---|---|---|---|
|
MCLR_VII_2.pdf
accesso aperto
Descrizione: Articolo
Tipologia:
Pdf editoriale (Publisher's layout)
Licenza:
PUBBLICO DOMINIO
Dimensione
1.47 MB
Formato
Adobe PDF
|
1.47 MB | Adobe PDF | Visualizza/Apri |
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
