Stimulating discussions on applying EU GDPR in Brazil. Read on & find major take-aways from EUBrasilCloudFORUM Workshop
EUBrasilCloudFORUM Open Workshop took place on 9th and 10th November 2016, in Brussels, at the European Commission, in conjunction with the annual EU-Brazil Policy Dialogue in ICT
Europe and Brazil are experiencing today a unique opportunity to work on an EU-Brazil harmonised data protection framework, with the EU’s General Data Protection Regulation (GDPR), harmonising the data protection laws across the Member States, which could be a good example to apply in Brazil, where a new law proposal is currently under discussion by a special commission dealing with data collection and protection.
Trustworthy cloud for Industry 4.0
IT transformation projects within companies is very difficult and that is where the trust comes in. IT transformation is also people transformation. There is no curriculum that includes cloud infrastructure in Brazil. How do we bring about the next generation of people to work on this transformation. Certification is booming all over the world and at the same time, but the Universities are just not there yet.
Standardisation of contracts is also needed as business contracts need to be signed and customers cannot be expected to deal with too many different types of contracts.
Enlarging the Federation paradigm (responding to the market needs)
Cloud federation today goes far beyond to technology federation: it encompasses federated billing and accounting and those “de facto” standards that comply to market. Many other barriers – from banks, from new business based on hybrid cloud, from the focus on SaaS – prevent today the creation of a strong European (but Brazilian as well) Cloud Computing market. Standardization is convergence on best practices (de facto standard) where small margins consolidate few interfaces.
Privacy awareness first. Secure applications come second.
Is the perception of privacy the same in Brazil and EU? When we have an agreed vision of what is the private data and what needs to be protected, we can move towards solving the technical issues. No matter if other countries are protected, if I am not guaranteed where the data will end up, it is meaningless. An open issue is how to enforce and control the privacy agreements, like Service Level Agreements. How can individuals verify in real time that the policy is conforming to their contracts?
Read more in the report downloadable here