What to do for privacy after Safe Harbor? Syncplicity has an idea

The cloud storage and collaboration company will let customers make sure European data stays in Europe

Court of Justice of the European Union

The Court of Justice of the European Union, in Luxembourg, is the EU's highest court.

Credit: Court of Justice of the European Union

Data privacy law is murky since Europe's highest court struck down the Safe Harbor agreement long used between the U.S. and Europe. Some cloud storage vendors now plan to help enterprises adjust to the new reality. 

Last week, Amazon announced it will build a datacenter in London by 2017 to ensure data sovereignty for local users there. Now Syncplicity, a cloud storage and collaboration specialist, will let customers make sure their data stays in Europe and is controlled there.

The Safe Harbor arrangement between the U.S. and the European Union let companies transfer information across the ocean for years without running afoul of European privacy laws. Cloud storage companies could use datacenters located in the U.S. for information about European customers.

Last month's ruling in the Court of Justice of the European Union said Safe Harbor wasn't enough. Legal authorities are working on arrangements that would provide reliable privacy protection, but that effort is expected to take years.

In the wake of the ruling, companies that store data in the cloud may determine they're legally bound to keep all information about European customers in Europe. Starting next year, Syncplicity will make that a clickable option.

EMC sold Syncplicity to a private equity firm earlier this year. The company offers subscribers a range of ways to store their data: They can keep it on their own premises, in a private cloud, in Syncplicity's public cloud, or in some combination of those. They can access that data from desktops, laptops and mobile devices.

The new option coming in 2016 will let users select the storage region of their choice with one click and no additional steps, Syncplicity says. That could mean choosing clouds based in Europe as the sole repository for their files.

Also next year, the company will go one step further to help ensure data is protected under European privacy law. It will set up a Syncplicity Cloud Orchestration Layer in Europe so data stored on the continent isn't even controlled in the U.S. Metadata used in managing the stored information, such as user names, email addresses and file names, will be stored and processed in Europe.

As an additional step while new rules are worked out, Syncplicity now includes so-called Model Clauses in its Cloud Services Agreements. Those clauses, crafted by the European Union, are designed to meet privacy requirements. Microsoft and other companies already use them.

Download the CIO October 2016 Digital Magazine
View Comments
Join the discussion
Be the first to comment on this article. Our Commenting Policies