클라우드 서비스에서 개인정보 국외 이동에 대한 역외조항 적용

Cloud service can be defined as a service by a new computing paradigm which gives users ubiquitous access to computing resources, such as networks, servers, storage and applications through the Internet, without their purchasing and managing their individual resources. That is, cloud computing lets users enjoy the immediate and convenient cloud service according to their needs without their having to own computing resources. However, the definition neither has a consensus nor is confirmed. A cloud service functions on the basis of critical cloud computing’s technologies such as virtualization and decentralization. While virtualization and decentralization allow the cloud service to supply an ubiquitous, low cost, and stable service, uploaded data in the cloud service are stored in the cloud service provider’s datacenters abroad and move from one datacenter to another. With various data, personal data are also transferred abroad and, therefore, personal data transferred abroad cannot be protected because countries have various laws regarding personal data. Due to the characteristics of cloud service technology, it is not east or impossible to determine which country's rule should be applied to the personal data transferred abroad. Therefore, a rule regarding overseas transfers is needed so that the domestic rules can be applied in cases where an infringement performed abroad affects the security of the personal data of any domestic person.