EU Parliament adopts resolution to set standards for cloud interoperability

I&#x27;ve been hoping for years that the EU will eventually mandate that a service must be obliged to delete on request - irretrievably, not by merely flagging it as &quot;deleted&quot; - any data held about a given individual.<p>To me, this is a natural part of the concept of privacy. I can have momentary privacy: the assurance that nobody is <i>currently</i> watching through my window, listening to my phone calls, or reading my emails as I send them. But there&#x27;s no assurance of future privacy if we don&#x27;t have the right to destroy our old data, wherever it may be held.<p>When people provide an entity with information, they&#x27;re doing so under the framework provided by current legislation regarding privacy and freedom of information. If these rules are subject to change - through new anti-terror legislation, for example - their information may become accessible in ways that they did not expect when it was originally provided.<p>I don&#x27;t think it&#x27;s possible to maintain any real sense of privacy while this remains the case. How can your data be considered private when it can be opened up for inspection at a later date, under a different regime? There&#x27;s currently no way to participate in a connected economy without giving away your future right to privacy.<p>Edit: and the reason I&#x27;ve been hoping the EU will do this is that, realistically, nobody else will.

Is the EU parliament really the body we want setting standards for interoperability? Things like this typically result in unintentional externalities that cost providers money and impose compliance burdens that are quickly out of date.<p>I appreciate the sentiment regarding security and interoperability, and they might be able to declare their intention to procure only systems that meet X standards, but I hope they refrain from broader impositions on commercial users and cloud providers.<p>NSA articles aside, I see businesses fleeing regulatory burdens faster than the possibility of surveillance.

Oh goodie goo, another mandatory standard by the people who brought us the EBICS bank standard, which is a freakishly complex reinvention of SFTP.<p>With EBICS, you transmit a bank command file by encrypting, encoding and wrapping it as CDATA into an XML file and then <i>repeating the process</i>. You have to use different kinds of wrapper files with different kinds of intricacies for each type of file you might upload to your bank.<p>The whole specification is 200 pages, and all it does is transfer files.

<i>Giving cloud hosts the status of Data Controllers</i><p>This is a bold move, and much more significant than some attempt at standardisation that probably won&#x27;t work.<p>It will make it more expensive to hire a VM, probably, and I wonder if there will indeed be any benefit (given that cloud providers will have to start vetting and inspecting the source code on the VMs people are running - potentially taking away all the benefits of programmatic instance deployment.)

&quot;... the standards should enable easy and complete data and service portability, and a high degree of interoperability between cloud services, in order to increase rather than limit competitiveness.&quot;<p>Come on HN, let&#x27;s help the EU. Anyone got any great ideas? Because I don&#x27;t even understand the question, much less what the answer would be.<p>Edit: notice how everyone is just &quot;assuming&quot; what they mean. The problem is not well defined.

Oh great, the useless bunch who brought you the cookie law will now take on cloud interoperability. And UN, another highly effective institution, will take on spying. I feel safer already.<p>Does anyone here really believes that any of this is going to make a measurable, positive difference in a regular Internet user&#x27;s life? That somehow more government meddling is a cure for government meddling? Weren&#x27;t European spy agencies cooperating with the Americans?<p>It&#x27;s yet another power grab of the &quot;no crisis should go to waste&quot; kind.

How about just starting with standards for downloading one&#x27;s own data from cloud operators?<p>Maybe legislate an easy way to download all my emails from gmail and upload them to outlook.com. Wouldn&#x27;t that be very useful?

We&#x27;ve got your cloud interoperability right here:<p><pre><code> ssh user@rsync.net s3cmd get s3:&#x2F;&#x2F;rsynctest&#x2F;mscdex.exe ssh user@rsync.net s3cmd ls s3:&#x2F;&#x2F;rsynctest </code></pre> Done and done.<p>Ask about discounts for HN readers.

The good stuff could be interop. The bad stuff would be silly extra regulations providers have to undergo.

Any idea how long it would take before the first draft is out?