Talk Title: GDPR-compliant Cloud Containers: Blockchains for Cloud Event Tracking
Abstract: The European General Data Protection Regulation (GDPR) came into effect in May 2018, and governs the storage and processing of data that would allow an individual to be recognised when processing personal data. It also focuses on increasing awareness of how user data is subsequently analysed to derive insights (particuarly for marketing purposes), and the level of engagement a user should have in this process. A key aim of this regulation is to increase accountability and transparency on how data “controllers” manage personal data. The major beneficiary is the individual, nevertheless GDPR is also applicable to businesses operating in a B2B context. This talk will describe how GDPR impacts data processors, particularly Cloud Service Providers who process personal data on behalf of data controllers. A comparison is provided about monitoring tools being used by current Cloud Service Providers to support GDPR — such as AlientVault, Sumologic, Data Dog, AWS CoudTrail and Google Stackdriver. A data hosting environment that is able to record events on user data is proposed, enabling the recording of such events in a Blockchain for subsequent verification. We describe performance trade-offs in offering such a hosting environment for user applications.