Storing data in the cloud

Cloud storage has become commonplace for many people now, and providers such as Google Drive, One Drive, Dropbox, iCloud or Box can be incredibly useful, and in some instances, perfectly appropriate tools for research projects.  However, cloud storage is not necessarily secure or permanent, with noted instances of hacking and information being released to those that it should not be.

In addition to issues around permanence and security, there are legal aspects to consider. Cloud storage may be based abroad and its use could thus breach the law.  For example, the General Data Protection Regulation (GDPR) states that personal data can only be transferred or stored outside the EU if safeguards have been put in place, e.g. where participants have agreed to have their data stored outside the EU or an EU/US Privacy Shield Agreement has been put in place.

Whilst it is recommended that cloud storage systems be avoided for high risk information such as data on personal, special categories or that which is commercially sensitive, it can be useful for the storage and provision of ‘low risk’ data.  Data can be safeguarded with encryption to some degree but this would still not meet the requirements of data protection legislation in cases where the data are stored outside the EU.  Ultimately, we should remember that what using cloud storage entails is giving custody of the data to someone else and then requesting that they allow you to access it.

Click here for page 6 of 14

Last modified: Monday, 4 January 2021, 2:51 PM