Cloud computing data protection aspects under Croatian and European union law

In the introduction authors explain recent developments with regard to regulation of personal data protection aspects of cloud computing services at European Union level. This is followed by analysis of the relevant EU legal framework and interpretations on its application to data processing in the context of cloud computing, and of the data protection legal framework of the Republic of Croatia and guidance on data protection in cloud computing issued by the relevant regulatory authority, i.e. Personal Data Protection Agency. Authors next examine proposed new EU general data protection framework that is currently in legislative process (Proposal for General Data Protection Regulation). This research focuses on selected provisions of the most recent draft text adopted by the European Parliament (amending the 2012 Commission´s original proposal) that are likely to significantly impact the EU cloud computing market. Authors conclude overall analysis in the paper with assessment of likely impacts of analyzed solutions for cloud computing clients and providers, and in relation to legislation that is currently in force. While estimating that relevant legislation and practice in Croatia will further develop in line with the EU framework, research in this paper aims to more generally contribute to development of domestic legal writing in the area and to the raising of public awareness on legal data protection issues that need to be considered when switching to domesticthe cloud.