What are the issues with Data Protection and US hosting
What are the issues with Data Protection and hosting in the US?
Is it illegal as they say to host UK or European data in the US?
I assume that this is the UK data protection act you’re talking about? If so, it applies to personal information that can be used to identify somebody.
As far as I understand the DPA, you have to have permission from people to store their personal data abroad, or to list the USA in the list of countries when you register with the information commissioner. You also have to ensure that it is “adequately protected”.
However, I have heard that the USA doesn’t have DP laws that are in line with the UK/EU ones, so that may complicate the issue. I know of some companies who do store personal data on US servers though, and they are doing it legally, or at least appear to be.
I’m afraid I can’t help with the finer points. I’ve been looking into it myself recently - I have a database of user details that I need to make available to all other users, and although I think I might be exempt from registering, I can’t be sure - the site’s legalese is a little hard to interpret.
http://www.ico.gov.uk has more info for you, and has some phone numbers about registering that might help - although I haven’t got round to ringing them yet. If anyone else has some friendlier URLs or experience in these matters, please help.