Data Localization Laws and Policy

Countries are increasingly introducing data localization laws and data export restrictions, threatening digital globalization and inhibiting cloud computing's adoption despite its acknowledged benefits. Through a cloud computing lens, this multi-disciplinary book examines the personal data transfers restriction under the EU Data Protection Directive (including the EUUS Privacy Shield and General Data Protection Regulation). It covers historical objectives and practical problems, showing why the focus should move from physical data location to effective jurisdiction over those controlling access to intelligible data and control of access to data through security measures. The book further discusses data localization laws' failure to solve concerns regarding the topical and contentious issue of mass state surveillance. Its arguments are also relevant to other data localization laws, cross-border transfers of non personal data and transfers not involving cloud computing. Comprehensive yet accessible, this book is of great value to academics in law, policy, computer science and technology. It is also highly relevant to cloud computing/technology organisations and other businesses in the EU and beyond, data privacy professionals, policymakers and regulators.