Just how critical is data sovereignty?

2022-10-14 10:01

We hear the term data sovereignty more and more these days.

That's strange in some ways because the rules for flinging data around the world have been a challenge for decades - particularly since the internet hit critical mass in the late 1990s and early 2000s and international data transfers went from being a rarity to the norm.

What does that actually mean? Simple: if I'm a British firm that collects data here in the UK, and stores it on a server in a different country, the laws of that country may entitle someone to access that data, possibly to a greater extent than UK law would have allowed had I stored it in a London data centre.

From a data protection point of view this is fairly straightforward, as the UK and EU regard each other's data protection legislation as "Adequate" for the safe processing of personal data.

Just like the old pre-Brexit days, we get to blame the EU for something it did on 14 April 2016: it passed Regulation 2016/679, which we now know as the General Data Protection Regulation, or GDPR. In the two-and-a-bit years between that date and GDPR coming into effect in May 2018, the people of Europe - and the world, for that matter - were educated rapidly and loudly, and became far more aware of, and knowledgeable about, the risks associated with the misuse of personal data.

We're wondering how significant data sovereignty is to our readers' organisations.

News URL

https://go.theregister.com/feed/www.theregister.com/2022/10/14/just_how_critical_is_data/

#critical