On 3 February 2011 the Danish Data Protection Agency (DDPA) published an opinion concerning cloud computing.
The opinion was (one of) the first of its kind issued by a European Data Protection authority. It therefore has a general interest for stakeholders within the cloud arena.
The specific DDPA case concerns a Danish municipality’s plans to use Google Apps within the school system for processing sensitive information including: data concerning health, serious social problems and other purely private matters.
In the opinion, the Danish Data Protection Agency makes specific reference to the ENISA publication Cloud Computing Security Risk Assessment, which plays an important role for the conclusions of the opinion about cloud risks. The opinion also makes a specific recommendation to use ENISA’s Cloud Computing Information Assurance Framework.
An English translation of the opinion can be found here.
It is also available from the website of the Danish Data Protection Agency:
Stay updated - subscribe to RSS feeds of both ENISA news items & press releases.