The Cloud Security Alliance (CSA), a nonprofit organization dedicated to promoting the use of best practices for providing security assurance within cloud computing, and to provide education on the uses of cloud computing to help secure all other forms of computing, launched a Privacy Level Agreement (PLA) Working Group in the EU and a partnership with the Hong Kong Applied Science and Technology Research Institute (ASTRI) to advance cloud computing security and build capabilities that will accelerate the development of the cloud ecosystem in Hong Kong.
The PLA Working Group includes independent privacy and data protection subject matter experts, privacy officers and representatives from data protection authorities. The group will work to define compliance baselines for data protection legislation and establish best practices for defining a standard for communicating the level of privacy measures such as data protection and data security that it agrees to maintain while hosting third-party data.
"The goal of this Working Group is to create a structure for privacy disclosures that will provide both cloud providers and their customers with an objective and comparable way by which to communicate their personal data handling practices," Daniele Catteddu, managing director, EMEA (Europe Middle East and Africa) for CSA, said in prepared remarks. "This is especially problematic in the EU, which maintains the most stringent regulations on privacy as compared to the rest of the world. The PLA Working Group represents an important first step in establishing global standards for communicating the measures taken for protecting personal data in the cloud."
In addition to the establishment of the PLA, the Singapore-based organization announced a partnership with ASTRI to collaborate on applied cloud security research in order to better integrate industry and academia's efforts into a joint framework that fosters cloud computing initiatives in Hong Kong and the greater China region. The CSA's Asia-Pacific (APAC) division and ASTRI's first collaboration will be a research project under CloudCERT, a CSA initiative to enable the optimization of Computer Security Incident Response Team's (CSIRT's) functionality within cloud computing. The initiative will also see the establishment of the APAC CloudCERT operational base in Hong Kong.
"CSA research activities in Hong Kong will be a focal point for encouraging 'technopreneurship' across the APAC region and should serve to support an innovation hub for cloud computing security," Aloysius Cheang, managing director at CSA APAC, said in a prepared statement. "CSA's presence in Hong Kong will also serve as a central gateway for CSA corporate members looking to establish a presence in Hong Kong and greater China region."
The CSA recently partnered with communication technology specialist Fujitsu Laboratories of America to launch the Big Data Working Group (BDWG), programmed to crystallize best practices for security and privacy in big data, help industry and government on the adoption of best practices, establish liaisons with other organizations to coordinate the development of big data security and privacy standards, and accelerate the adoption of novel research aimed to address security and privacy issues.