Benefits and

Drawbacks of Cloud
Storage
A Comparative Analysis of
Cloud vs. Local Storage
• Cloud storage 20tb: £3840 per year
• In the long run, cloud storage can
lead to significant cost savings due to
reduced maintenance, upgrade, and
operational expenses. Organizations
can avoid the costs associated with
hardware depreciation and complex IT
management, making cloud options
financially attractive.

• Local storage 20tb £9000 per year

• Conversely, local storage may incur
higher overall costs due to necessary
upgrades and potential downtime,
impacting productivity and profitability.
• Energy Consumption of Data Centers

• Data centers account for about 1-2% of

global electricity consumption, highlighting
their significant energy demands. Their
rising usage poses sustainability challenges,
necessitating improvements in efficiency
and renewable energy adoption.
• Carbon Footprint of Local Storage

• Local storage solutions often involve

manufacturing and transport, contributing to
their overall carbon footprint. The materials
and energy used in these processes can
lead to carbon emissions potentially
outweighing the benefits of local use.
• The Convenience of Cloud
Storage

• Cloud storage provides

unmatched accessibility,
allowing users to access their
data anytime and anywhere with
internet connectivity. This
flexibility facilitates remote work
and collaboration across
distances
• Scalability of Solutions

• Cloud storage solutions can easily

scale with a business's growth,
accommodating increasing storage
needs without physical infrastructure
investments. Dynamic resource
allocation allows businesses to adjust
their storage quickly based on
demand.

• Unlike local storage, where capacity

upgrades require physical hardware,
cloud services provide on-demand
scalability to ensure businesses
always have sufficient storage as they
expand.
Overview of Data
Protection
Principles
• Data protection principles are
foundational rules guiding the
collection, processing, and
storage of personal data. They
ensure that individual rights
are respected and protected in
the digital age.
Key Principles of GDPR

GDPR consists of several key

principles, such as lawfulness,
fairness, transparency, purpose
limitation, data minimization,
accuracy, storage limitation,
integrity, confidentiality, and
accountability. These principles
guide all data processing activities.
 The Data Protection Act includes
principles focusing on fairness,
necessity, proportionality, and the
Key Principles of Data Protection Act
protection of personal information. It
emphasizes the importance of
transparency in how data is handled.
Purpose Limitation

Purpose limitation stipulates that data collected for a specific

purpose should only be used for that purpose. This principle
prevents misuse and unauthorized access to personal data.
Data Minimization

Data minimization requires that only data necessary for a specified

purpose should be collected and processed. This principle reduces risks
associated with data breaches and protects individual privacy.
Accuracy

The accuracy principle mandates that

personal data must be accurate and kept
up to date. Inaccurate data can lead to
wrongful decisions and erode trust
between individuals and organizations.
Storage Limitation

This principle states that personal data

should be kept no longer than necessary for
the purposes for which it was processed. It
aims to reduce the risk of data breaches by
limiting data retention periods.
Integrity and Confidentiality

The integrity and confidentiality principle emphasizes

the need to protect personal data against
unauthorized processing, loss, or destruction.
Implementing security measures is crucial for
compliance with data protection laws.
Accountability

Accountability requires that organizations demonstrate compliance with data protection

principles and be responsible for their data handling practices. Regular audits and
assessments help maintain accountability in data processing.
Who Does the Data Protection Act
Apply To?

The Data Protection Act primarily

governs organizations and
individuals within the UK that
collect and process personal data.
This includes businesses,
charities, and public authorities,
ensuring that they adhere to the
established principles of data
protection, regardless of size or
scope.
What Do They Apply to?

Both the Data Protection Act and GDPR apply to personal data, which is any information
relating to an identified or identifiable individual. The acts cover data processing activities by
organizations across various sectors, promoting safeguarding of personal information.
Responsibilities of Data Controllers

Data controllers are responsible for

determining the purposes and
means of processing personal
data. Under both acts, they must
comply with legal requirements,
adding security measures to
protect personal data.
Rights of Data Subjects

Both GDPR and the Data Protection Act grant data subjects specific rights, including the
right to access, correct, and erase their personal data. These rights allows people to keep
control over their personal information and demand accountability from organizations.
Types of Data under Data Protection Act

The Data Protection Act applies to personal data, which includes any information
relating to an identified or identifiable individual. This applies to names, contact
details, and identification numbers, ensuring individuals' data is managed in
compliance with legal standards.
Types of Data under GDPR

GDPR extends the definition of

personal data to include any
information pertaining to an individual,
such as location data, online identifiers,
and genetic or biometric data. The
regulation enhances privacy protection
in a digital landscape.
Defining Personal Data

Personal data refers to any information

that can identify a person directly or
indirectly, including names, addresses,
and IP addresses. Both GDPR and the
Data Protection Act prioritize the
protection of this sensitive information
to uphold privacy rights.
Special Categories of Data

Special categories of personal data include

sensitive information such as health data, racial
or ethnic origin, and sexual orientation. Both
GDPR and the Data Protection Act impose
stricter conditions on the processing of this type
of data to safeguard privacy and prevent
discrimination.
Data Processing Activities

Data processing encompasses any

operation performed on personal data,
such as collection, recording, storage,
or dissemination. Understanding
these activities is essential for
compliance with data protection laws,
ensuring organizations act
responsibly with personal information.
Key Differences

The GDPR provides a broader

application across EU member states,
whereas the Data Protection Act is the
UK's local adaptation. GDPR
emphasizes individual rights and
imposes stricter legal responsibilities
on organizations.
Principles Count

GDPR outlines six core principles

guiding data processing, whereas the
Data Protection Act includes eight
principles. The focus on a limited set of
principles in GDPR reflects a push for
simplicity and practical compliance.
Enforcement Mechanisms

GDPR enforcement is led by

designated supervisory authorities with
the power to investigate and penalize.
The Data Protection Act enforcement
mirrors this but operates within the UK
regulatory framework, reflecting Brexit
adjustments.
Fines and Penalties

Under GDPR, fines can reach up to 20 million euros or

4% of global turnover, whichever is higher. The Data
Protection Act also allows similar fines but typically
operates within a lower penalty framework, reflecting
legal distinctions.
Impact on Organizations GDPR drives companies to adopt comprehensive data management
strategies, enhancing accountability. The Data Protection Act similarly
promotes responsible data handling but may offer more flexibility in
compliance procedures within the UK context.