Benefits and

Drawbacks of
Cloud Storage
A Comparative Analysis of
Cloud vs. Local Storage
 •Cloud storage 20tb: £3840 per
year
•In the long run, cloud storage

Cost
can lead to significant cost
savings due to reduced
maintenance, upgrade, and
operational expenses.
Organizations can avoid the

Comparis
costs associated with hardware
depreciation and complex IT
management, making cloud
options financially attractive.

on
•Local storage 20tb £9000 per
year
•Conversely, local storage may
incur higher overall costs due
to necessary upgrades and
potential downtime, impacting
productivity and profitability.
•Energy Consumption of Data
Centers

•Data centers account for about 1-

2% of global electricity
consumption, highlighting their
significant energy demands. Their
rising usage poses sustainability
challenges, necessitating
improvements in efficiency and
renewable energy adoption.
•Carbon Footprint of Local Storage

•Local storage solutions often

involve manufacturing and
transport, contributing to their
overall carbon footprint. The
materials and energy used in
these processes can lead to
carbon emissions potentially
outweighing the benefits of local
use.
•The Convenience of
Cloud Storage

•Cloud storage provides

unmatched accessibility,
allowing users to access
their data anytime and
anywhere with internet
connectivity. This
flexibility facilitates
remote work and
collaboration across
distances
•Scalability of Solutions

•Cloud storage solutions can

easily scale with a business's
growth, accommodating
increasing storage needs
without physical infrastructure
investments. Dynamic resource
allocation allows businesses to
adjust their storage quickly
based on demand.

•Unlike local storage, where

capacity upgrades require
physical hardware, cloud
services provide on-demand
scalability to ensure businesses
always have sufficient storage
as they expand.
•Understanding GDPR and
Data Protection Act

•Principles, Applications, and

Comparisons
Overview of
Data Protection
Principles
• Data protection principles
are foundational rules
guiding the collection,
processing, and storage of
personal data. They ensure
that individual rights are
respected and protected in
the digital age.
Key Principles of GDPR

GDPR consists of several

key principles, such as
lawfulness, fairness,
transparency, purpose
limitation, data
minimization, accuracy,
storage limitation, integrity,
confidentiality, and
accountability. These
principles guide all data
processing activities.
 The Data Protection Act includes
principles focusing on fairness,
necessity, proportionality, and the
Key Principles of Data
protection of personal information.
Protection Act
It emphasizes the importance of
transparency in how data is
handled.
Purpose Limitation

Purpose limitation stipulates that data collected for a

specific purpose should only be used for that purpose.
This principle prevents misuse and unauthorized access
to personal data.
Data Minimization

Data minimization requires that only data necessary for a

specified purpose should be collected and processed. This
principle reduces risks associated with data breaches and
protects individual privacy.
Accuracy

The accuracy principle mandates

that personal data must be accurate
and kept up to date. Inaccurate data
can lead to wrongful decisions and
erode trust between individuals and
organizations.
Storage Limitation

This principle states that personal data

should be kept no longer than
necessary for the purposes for which it
was processed. It aims to reduce the
risk of data breaches by limiting data
retention periods.
Integrity and Confidentiality

The integrity and confidentiality principle

emphasizes the need to protect personal data
against unauthorized processing, loss, or
destruction. Implementing security measures is
crucial for compliance with data protection laws.
Accountability

Accountability requires that organizations demonstrate compliance with data

protection principles and be responsible for their data handling practices.
Regular audits and assessments help maintain accountability in data processing.
Who Does the Data
Protection Act Apply To?

The Data Protection Act

primarily governs organizations
and individuals within the UK
that collect and process
personal data. This includes
businesses, charities, and
public authorities, ensuring that
they adhere to the established
principles of data protection,
regardless of size or scope.
Who Does GDPR Apply To?

The General Data Protection Regulation

(GDPR) applies to all organizations
processing personal data of individuals
located in the EU, regardless of the
organization's location. This means that
non-EU based companies must also
comply when handling EU citizens' data.
What Do They Apply to?

Both the Data Protection Act and GDPR apply to personal data, which is any
information relating to an identified or identifiable individual. The acts cover
data processing activities by organizations across various sectors, promoting
safeguarding of personal information.
Responsibilities of Data
Controllers

Data controllers are

responsible for determining
the purposes and means of
processing personal data.
Under both acts, they must
comply with legal
requirements, adding security
measures to protect personal
data.
Rights of Data Subjects

Both GDPR and the Data Protection Act grant data subjects specific rights,
including the right to access, correct, and erase their personal data. These
rights allows people to keep control over their personal information and demand
accountability from organizations.
Types of Data under Data Protection Act

The Data Protection Act applies to personal data, which includes any
information relating to an identified or identifiable individual. This applies
to names, contact details, and identification numbers, ensuring
individuals' data is managed in compliance with legal standards.
Types of Data under GDPR

GDPR extends the definition of

personal data to include any
information pertaining to an
individual, such as location data,
online identifiers, and genetic or
biometric data. The regulation
enhances privacy protection in a
digital landscape.
Defining Personal Data

Personal data refers to any

information that can identify a
person directly or indirectly,
including names, addresses, and
IP addresses. Both GDPR and the
Data Protection Act prioritize the
protection of this sensitive
information to uphold privacy
rights.
Special Categories of Data

Special categories of personal data

include sensitive information such as
health data, racial or ethnic origin, and
sexual orientation. Both GDPR and the
Data Protection Act impose stricter
conditions on the processing of this type
of data to safeguard privacy and prevent
discrimination.
Data Processing Activities

Data processing encompasses any

operation performed on personal
data, such as collection,
recording, storage, or
dissemination. Understanding
these activities is essential for
compliance with data protection
laws, ensuring organizations act
responsibly with personal
information.
Key Differences

The GDPR provides a broader

application across EU member
states, whereas the Data
Protection Act is the UK's local
adaptation. GDPR emphasizes
individual rights and imposes
stricter legal responsibilities on
organizations.
Principles Count

GDPR outlines six core principles

guiding data processing, whereas
the Data Protection Act includes
eight principles. The focus on a
limited set of principles in GDPR
reflects a push for simplicity and
practical compliance.
Enforcement Mechanisms

GDPR enforcement is led by

designated supervisory authorities
with the power to investigate and
penalize. The Data Protection Act
enforcement mirrors this but
operates within the UK regulatory
framework, reflecting Brexit
adjustments.
Fines and Penalties

Under GDPR, fines can reach up to 20 million

euros or 4% of global turnover, whichever is
higher. The Data Protection Act also allows
similar fines but typically operates within a lower
penalty framework, reflecting legal distinctions.
Impact on Organizations GDPR drives companies to adopt comprehensive data
management strategies, enhancing accountability. The Data
Protection Act similarly promotes responsible data handling
but may offer more flexibility in compliance procedures
within the UK context.