The Austrian data protection activist Max Screms got the ball rolling. On the basis of his lawsuit filed with the European Court of Justice, the chief justices ruled against the safe harbor agreement with the USA last fall. Their harsh verdict was that personal data from Europe stored on American servers and in data centers is not protected against unwanted access by American authorities and secret services.
As a result, greater attention was put on finding an alternative, namely to store the data in Europe in accordance with European law. However, one question remains: how should customers, especially smaller companies, verify that their outsourced data is really secure? One approach designed to resolve this issue is certification. “80 percent of all cloud providers would not even manage three stars“, says Tobias Höllwarth, Vice-Chairman of EuroCloud, which is an association of European providers. The EuroCloud Star Audit is prepared to deal with suspicions of granting favors. Independent testing companies from all over the world are contracted with the strict “data TÜV” audits (TÜV is an international certification and monitoring body based in Austria). One of the auditors is from Hong Kong. The all-clear signal has been given following the latest negotiations of the EU Commission with the USA. Accordingly, the USA is once again a safe harbor for European data. Nevertheless, the issue of data security continues to be in the limelight.