Schengen Cloud

Last updated

Schengen Cloud is the concept and proposal of a Europe-only integrated electronic communication/system network which emerged after the whistleblowing and reporting on the mass surveillance activities of British and American security and intelligence agencies. [1] [2] Germany and France want to control their own networks without the United States being a middleman. [1] [3] [4] [5]

In 2014, the US trade representatives voiced their opposition to Schengen Cloud. [1] [6]

The proposal was first announced in 2011, [6] but its status is unknown as of 2021.

Related Research Articles

<span class="mw-page-title-main">Privacy</span> Seclusion from unwanted attention

Privacy is the ability of an individual or group to seclude themselves or information about themselves, and thereby express themselves selectively.

<span class="mw-page-title-main">Schengen Information System</span> EEA database to support law enforcement

The Schengen Information System (SIS) is a governmental database maintained by the European Commission. The SIS is used by 31 European countries to find information about individuals and entities for the purposes of national security, border control and law enforcement since 2001. A second technical version of this system, SIS II, went live on 9 April 2013. An upgraded Schengen Information System entered into operation on 7 March 2023.

Personal data, also known as personal information or personally identifiable information (PII), is any information related to an identifiable person.

Data retention defines the policies of persistent data and records management for meeting legal and business data archival requirements. Although sometimes interchangeable, it is not to be confused with the Data Protection Act 1998.

A cybersecurity regulation comprises directives that safeguard information technology and computer systems with the purpose of forcing companies and organizations to protect their systems and information from cyberattacks like viruses, worms, Trojan horses, phishing, denial of service (DOS) attacks, unauthorized access and control system attacks. While cybersecurity regulations aim to minimize cyber risks and enhance protection, the uncertainty arising from frequent changes or new regulations can significantly impact organizational response strategies.

Privacy law is a set of regulations that govern the collection, storage, and utilization of personal information from healthcare, governments, companies, public or private entities, or individuals.

Internet of things (IoT) describes devices with sensors, processing ability, software and other technologies that connect and exchange data with other devices and systems over the Internet or other communication networks. The Internet of things encompasses electronics, communication, and computer science engineering. "Internet of things" has been considered a misnomer because devices do not need to be connected to the public internet; they only need to be connected to a network and be individually addressable.

<span class="mw-page-title-main">Cloud computing</span> Form of shared internet-based computing

Cloud computing is the on-demand availability of computer system resources, especially data storage and computing power, without direct active management by the user. Large clouds often have functions distributed over multiple locations, each of which is a data center. Cloud computing relies on sharing of resources to achieve coherence and typically uses a pay-as-you-go model, which can help in reducing capital expenses but may also lead to unexpected operating expenses for users.

Cloud computing security or, more simply, cloud security, refers to a broad set of policies, technologies, applications, and controls utilized to protect virtualized IP, data, applications, services, and the associated infrastructure of cloud computing. It is a sub-domain of computer security, network security, and, more broadly, information security.

<span class="mw-page-title-main">Electronic evidence</span>

Electronic evidence consists of these two sub-forms:

<span class="mw-page-title-main">General Data Protection Regulation</span> EU regulation on the processing of personal data

The General Data Protection Regulation, abbreviated GDPR, or French RGPD is a European Union regulation on information privacy in the European Union (EU) and the European Economic Area (EEA). The GDPR is an important component of EU privacy law and human rights law, in particular Article 8(1) of the Charter of Fundamental Rights of the European Union. It also governs the transfer of personal data outside the EU and EEA. The GDPR's goals are to enhance individuals' control and rights over their personal information and to simplify the regulations for international business. It supersedes the Data Protection Directive 95/46/EC and, among other things, simplifies the terminology.

<span class="mw-page-title-main">Network sovereignty</span> Effort to create boundaries on a network

In internet governance, network sovereignty, also called digital sovereignty or cyber sovereignty, is the effort of a governing entity, such as a state, to create boundaries on a network and then exert a form of control, often in the form of law enforcement over such boundaries.

The right to be forgotten (RTBF) is the right to have private information about a person be removed from Internet searches and other directories in some circumstances. The issue has arisen from desires of individuals to "determine the development of their life in an autonomous way, without being perpetually or periodically stigmatized as a consequence of a specific action performed in the past". The right entitles a person to have data about them deleted so that it can no longer be discovered by third parties, particularly through search engines.

The main idea of Schengen Routing is to apply a European internet routing policy such that when sender and recipient are inside the Schengen Area, data between the two endpoints is also routed entirely within the Schengen area.

Data sovereignty is the idea that data is subject to the laws and governance structures of the nation where they are collected. The concept of data sovereignty is closely linked with data security, cloud computing, network sovereignty, and technological sovereignty. Unlike technological sovereignty, which is vaguely defined and can be used as an umbrella term in policymaking, data sovereignty is specifically concerned with questions surrounding the data itself. Data sovereignty as the idea that data is subject to the laws and governance structures within one nation is usually discussed in one of two ways: in relation to Indigenous groups and Indigenous autonomy from post-colonial states, or in relation to transnational data flow. With the rise of cloud computing, many countries have passed various laws around the control and storage of data, which all reflect measures of data sovereignty. More than 100 countries have some sort of data sovereignty laws in place. With self-sovereign identity (SSI), the individual identity holders can fully create and control their credentials, although a nation can still issue a digital identity in that paradigm.

The gathering of personally identifiable information (PII) refers to the collection of public and private personal data that can be used to identify individuals for various purposes, both legal and illegal. PII gathering is often seen as a privacy threat by data owners, while entities such as technology companies, governments, and organizations utilize this data to analyze consumer behavior, political preferences, and personal interests.

A data economy is a global digital ecosystem in which data is gathered, organized, and exchanged by a network of companies, individuals, and institutions to create economic value. The raw data is collected by a variety of factors, including search engines, social media websites, online vendors, brick and mortar vendors, payment gateways, software as a service (SaaS) purveyors, and an increasing number of firms deploying connected devices on the Internet of Things (IoT). Once collected, this data is typically passed on to individuals or firms, often for a fee. In the United States, the Consumer Financial Protection Bureau and other agencies have developed early models to regulate the data economy.

Regulation of algorithms, or algorithmic regulation, is the creation of laws, rules and public sector policies for promotion and regulation of algorithms, particularly in artificial intelligence and machine learning. For the subset of AI algorithms, the term regulation of artificial intelligence is used. The regulatory and policy landscape for artificial intelligence (AI) is an emerging issue in jurisdictions globally, including in the European Union. Regulation of AI is considered necessary to both encourage AI and manage associated risks, but challenging. Another emerging topic is the regulation of blockchain algorithms and is mentioned along with regulation of AI algorithms. Many countries have enacted regulations of high frequency trades, which is shifting due to technological progress into the realm of AI algorithms.

Regulation of artificial intelligence is the development of public sector policies and laws for promoting and regulating artificial intelligence (AI). It is part of the broader regulation of algorithms. The regulatory and policy landscape for AI is an emerging issue in jurisdictions worldwide, including for international organizations without direct enforcement power like the IEEE or the OECD.

<span class="mw-page-title-main">Microsoft 365</span> Subscription services offered by Microsoft

Microsoft 365 is a product family of productivity software, collaboration and cloud-based services owned by Microsoft. It encompasses online services such as Outlook.com, OneDrive, Microsoft Teams, programs formerly marketed under the name Microsoft Office, enterprise products and services associated with these products such as Exchange Server, SharePoint, and Viva Engage. Microsoft 365 also covers subscription plans encompassing these products, including those that include subscription-based licenses to desktop and mobile software, and hosted email and intranet services.

References

  1. 1 2 3 Chirgwin, Richard (7 April 2014). "USA opposes 'Schengen cloud' Eurocentric routing plan". www.theregister.com. Retrieved 29 April 2021.
  2. "Privacy, Security & The Geography Of Data Protection". www.darkreading.com. Retrieved 2024-03-27.
  3. Mitchell, Bradley (2015-01-27). "What Is a Schengen Cloud?". compnetworking.about.com. Archived from the original on 2015-01-27. Retrieved 2024-03-19.
  4. Hon, W. Kuan; Millard, Christopher; Singh, Jatinder; Walden, Ian; Crowcroft, Jon (Autumn 2016). "Policy, legal and regulatory implications of a Europe-only cloud". International Journal of Law and Information Technology. 24 (3): 251–278. doi:10.1093/ijlit/eaw006. ISSN   0967-0769 . Retrieved 2024-03-19 via academic.oup.com. This article explores key legal and regulatory issues arising from recent cloud localization initiatives, with a particular focus on calls to establish a Europe-only cloud. The analysis covers jurisdictional conflicts and extraterritoriality concerns, as well as the impact on fundamental rights such as privacy, data protection and freedom of expression.
  5. Maurer, Tim; Skierka, Isabel; Morgus, Robert; Hohmann, Mirko (2015). "Technological sovereignty: Missing the point?". 2015 7th International Conference on Cyber Conflict: Architectures in Cyberspace. pp. 53–68. doi:10.1109/CYCON.2015.7158468. ISBN   978-9-9499-5442-1 . Retrieved 2024-03-19 via ieeexplore.ieee.org.
  6. 1 2 "US fires warning shot over Europe's plans for protectionist 'Schengen cloud'". diginomica. 7 April 2014. Retrieved 29 April 2021.


This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.