Jump to Navigation

 

Scope

Key Principles

  1. The focus of the Cloud Accountability Project is accountability under data protection laws for personal data processed in cloud service provision ecosystems [1].
  2. We will consider accountability obligations owed by cloud service providers, and organisations that use cloud services, to data subjects and data protection regulators. Accountability of individuals in a private context is excluded, although accountability of service providers for the actions (or inactions) of their employees is in scope.
  3. We will also consider how our proposed accountability mechanisms might apply to certain types of confidential information that do not involve personal data [2].
  4. Government surveillance, including government acquisition of data from cloud service providers [3], is outside the scope of this project, except where it relates specifically to a data protection law accountability mechanism.