7th January 2019

2018 Symposium: Compliance as a Service

Microsoft Cloud Computing Research Centre, 5th Annual Symposium
17-18 September 2018, St John’s College, Cambridge, UK

With the General Data Protection Regulation (GDPR) coming into effect in 2018, data protection was once again thrust into the spotlight – driven largely by the complexity of GDPR’s expanded compliance requirements combined with the significant fines that can now be levied against organisations in breach. Yet, where such challenges emerge, so too do opportunities. Thus, ‘Compliance as a Service’ was the theme of our 2018 Symposium. Through the lenses of both computer science and law, we looked beyond the hype and hysteria to understand the impact of the GDPR in the real world and consider the extent to which cloud service providers are offering – and will in practice be able to – help users of their services to comply.

To accompany and facilitate the discussions, the MCCRC team disseminated four papers on the technical, legal and policy considerations around Compliance-as-a-Service and presented key findings at the Symposium. In addition, the team provided lightning-talk presentations on a range of topics, showcasing the breadth of the MCCRC’s ongoing research. The papers and presentations can be found below.

Compliance-as-a-Service Papers and Presentations:

1. A snapshot of the impact, opinions, and challenges of GDPR compliance for tech start-ups
Chris Norval, Jatinder Singh
Paper pending publication
Slides: GDPR Snapshot Survey

2. A review of GDPR-mandated contractual relationships between providers and customers of enterprise cloud services
Dimitra Kamarinou, Christopher Millard, Isabella Oldani
Paper: Compliance-as-a-Service
Slides: Compliance-as-a-Service

3. Cybersecurity in the clouds: regulating cyber risks in the air transport sector
Dave Michels, Ian Walden
Paper: How safe is safe enough?
Slides: Cybersecurity in the Clouds

4. Technology for accountability
Jatinder Singh
Paper: Accountability in the IoT: Systems, Law & Ways Forward
Slides: Compliance & Accountability: tech landscaping

Lightning Talks Papers and Presentations:

1. Judicial Review of Automated Public-Sector Decision-Making
Jennifer Cobbe
Paper: Administrative Law and the Machines of Government
Slides: Administrative Law and Automated Public-Sector Decision-Making

2. Blockchain and Sustainability in the Global Energy Value Chain
Lauren Downes, Chris Reed
Paper: Blockchain for Governance of Sustainability Transparency in the Global Energy Value Chain
Slides: Blockchain and Transparency for Sustainability

3. Personal Data Stores
Heleen Janssen
Paper to follow
Slides: Personal Data Stores

4. Cloud Robotics
Eduard Fosch Villaronga, Christopher Millard
Paper: Cloud Robotics Law and Regulation
Slides: Cloud Robotics Law and Regulation