August 13, 2012
An interview with Paolo Balboni, Scientific Director of the European Privacy Association and Founding Partner at ICT Legal Consulting in Milan
On September 24 – 25, 2012 cloud computing experts and end-users from around the world will gather at the ISC Cloud'12 Conference at the Dorint Hotel in Mannheim, Germany. The conference will focus on compute and data intensive applications, their resources needs in the cloud, and strategies on implementing and deploying cloud infrastructures.
ISC Cloud Conference Chairman Wolfgang Gentzsch spoke with Paolo Balboni, the Scientific Director of the European Privacy Association and a Founding Partner at ICT Legal Consulting in Milan, who will be a speaker at the conference's HPC Cloud Challenges panel discussing legal aspects of cloud computing.
HPC in the Cloud: Paolo, thank you for joining us at this year's ISC Cloud conference. You are providing legal advice to multinational companies and public administrations in highly actual ICT areas like personal data protection, cloud computing, big data, Web 2.0 service providers' liability, intellectual property rights, and many more. These areas seem to be dangerous minefields for all those who have to deal with ICT in a global world, either as consumers or as providers. To start with, what are currently the biggest concerns about moving to the cloud?
Paolo Balboni: Clearly the biggest concerns are data protection and data security.
HPC in the Cloud: Can we make a practical example around this? Say Company A migrates its Customer Relationship Management to the cloud, using Infrastructure-as-a-Service offered by a cloud service provider. In case of a data security breach, who will then be liable towards Company A's customers?
Paolo Balboni: Company A will be liable for it. In fact, Company A (in its quality of Data Controller) is responsible for what the cloud service provider does (in his quality of Data Processor). More precisely, Company A is required by law to choose a cloud service provider that provides sufficient guarantees on technical security measures and organizational measures governing the processing to be carried out. And Company A must ensure compliance with such measures.
HPC in the Cloud: So how can Company A effectively control the cloud service provider's data processing and prevent unlawful activities?
Paolo Balboni: Prior to migrating to the cloud, companies should carefully verify the data privacy and data security policy of cloud service providers and choose the one that offers a high level of data protection. Moreover, companies should also regularly monitor the data protection compliance of the selected cloud service provider and look into limitations and exclusions of liability clauses. Cloud service providers that do not provide transparency and have unreasonable limitations and exclusions of liability clauses in their conditions of service should be avoided.
HPC in the Cloud: In mainstream cloud computing the application – like the one we just mentioned – resides as a Web service persistently in the cloud; it does not move back and forth over the Internet each time a service is requested, except a few data for requesting and obtaining the service. Are we facing similar legal issues if we move a whole engineering application like for example a CAE simulation code and the related geometry data of an automobile to an HPC Cloud like Amazon EC2 or Penguin on Demand?
Paolo Balboni: I think that this example does not bring about privacy issues because geometry data (e.g., of an automobile) are not considered personal data. Personal data are defined in Art.2.a of the Directive 95/46/EC as "any information relating to an identified or identifiable natural person ('data subject'); an identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to his physical, physiological, mental, economic, cultural or social identity."
HPC in the Cloud: There has been a lot of discussion and concern about a generally inadequate legal framework for cloud computing. What can companies do in such a situation to migrate to the cloud, yet minimizing the legal risks?
Paolo Balboni: Companies should work on the cloud service agreement. In this respect, the Article 29 Working Party has recently published an opinion addressing appropriate contractual safeguards. In the opinion it is stated that "security, transparency and legal certainty for clients should be key drivers behind the offer of cloud computing services". I could not agree more. And companies can achieve such objectives by accurately negotiating the right controls on the cloud service providers and relevant warranties.
HPC in the Cloud: Big data is really the catch phrase of the moment. Proliferation of data and increasing demand for computational resources from cloud infrastructure providers, for example, represent a great business opportunity for companies. What about privacy and data protection?
Paolo Balboni: Rigorous data protection compliance management throughout the whole data lifecycle is key. Companies will be advised on how to store, protect, and analyze large amount of data and turn it into valuable information to improve their businesses. However, data - unless anonymized – can only be processed for the purposes they were collected for. So it is important to have a strategic and accurate approach to data protection compliance in order to collect personal data already in a way to enable further lawful processing activities. The difference for a company between dying buried under personal data and harnessing their value is directly related to privacy compliance management. Big data will prove that a strategic and accurate approach to data protection can really generate a return of investment.
Jun 19, 2013 |
Ruan Pethiyagoda, Cameron Boehmer, John S. Dvorak, and Tim Sze, trained at San Francisco’s Hack Reactor, an institute designed for intense fast paced learning of programming, put together a program based on the N-Queens algorithm designed by the University of Cambridge’s Martin Richards, and modified it to run in parallel across multiple machines.
Jun 17, 2013 |
With that in mind, Datapipe hopes to establish themselves as a green-savvy HPC cloud provider with their recently announced Stratosphere platform. Datapipe markets Stratosphere as a green HPC cloud service and in doing so partnering with Verne Global and their Icelandic datacenter, which is known for its propensity in green computing.
Jun 12, 2013 |
Cloud computing is gaining ground in utilization by mid-sized institutions who are looking to expand their experimental high performance computing resources. As such, IBM released what they call Redbooks, in part to assist institutions’ movement of high performance computing applications to the cloud.
Jun 06, 2013 |
The San Diego Supercomputer Center launched a public cloud system for universities in the area designed specifically to run on commodity hardware with high performance solid-state drives. The center, which currently holds 5.5 PB of raw storage, is open to educational and research users in the University of California.
05/10/2013 | Cleversafe, Cray, DDN, NetApp, & Panasas | From Wall Street to Hollywood, drug discovery to homeland security, companies and organizations of all sizes and stripes are coming face to face with the challenges – and opportunities – afforded by Big Data. Before anyone can utilize these extraordinary data repositories, however, they must first harness and manage their data stores, and do so utilizing technologies that underscore affordability, security, and scalability.
04/02/2012 | AMD | Developers today are just beginning to explore the potential of heterogeneous computing, but the potential for this new paradigm is huge. This brief article reviews how the technology might impact a range of application development areas, including client experiences and cloud-based data management. As platforms like OpenCL continue to evolve, the benefits of heterogeneous computing will become even more accessible. Use this quick article to jump-start your own thinking on heterogeneous computing.