BU8200 - Cloud Regulations for AWS Infrastructure in Bahrain

Verified

Added on 2023/06/12

AI Summary

This report proposes regulations for Amazon Web Services (AWS) cloud service provider (CSP) infrastructure in Bahrain, addressing data security and privacy concerns. It examines existing legal frameworks in Bahrain and other GCC countries, including the Constitution of Bahrain 2002, Legislative Decree No. 9 of 1984, and GDPR, to ensure data protection for stakeholders such as controllers, providers, the government, the organization, and users. The analysis includes limitations to security measures, potential conflicts, and guidance for users, drawing from international laws like China Law No. 26 of 2015. The report aims to provide a comprehensive understanding of cloud computing regulations necessary for AWS implementation in Bahrain.

Running head: CLOUD SERVICE PROVIDER INFRASTRUCTURE IN BAHRAIN
CLOUD SERVICE PROVIDER INFRASTRUCTURE IN BAHRAIN
Name of the Student
Name of the University
Author note

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

1CLOUD SERVICE PROVIDER INFRASTRUCTURE IN BAHRAIN
Proposal of regulations addressing the concerns identified
Cloud computing is the latest revolutionary technological advancement that has changed
the overlook of data and information handing. A cloud computing implementation has become
essential in all business organizations since it provides numerous benefits of data and
information handling than the previous traditional strategies (Kittichaisaree, 2017). The
following would include a proposal to develop Cloud Service Providers or CSP with data centers
or other key cloud infrastructure in Bahrain for the organization Amazon Web Services or AWS
with the regulations for implementation keeping in mind the concerns regarding cloud
computing. The regulations affect the stakeholders in the business are the controllers, the
providers, the government, the organization itself, and the users. The regulations include the
concerns about data security and data privacy. The regulations are described as follows:
Data Privacy and Data Security Regulations
There is no standalone data privacy and security law in Bahrain, but on the other hand, in
rest of the GCC countries there are proper legislations for business organizations to implement
data privacy and data security with respect to the effect of the legislations on the stakeholders of
the organization (Kapiszewski, 2017). If Amazon Web Services want to keep in mind the
legislative measures to implement cloud services in Bahrain the following has to be kept in
mind:
According to Bahrain: (1) As per the regulation Constitution of Bahrain 2002, it can be
stated that in Bahrain, the term personal data includes information that belongs to any individual,
is either identified or possible to identify.

2CLOUD SERVICE PROVIDER INFRASTRUCTURE IN BAHRAIN
(2) Legislative Decree No. 9 of 1984 states that, it depends entirely on the data owner to
maintain the confidentiality of the data and should only provide it to the authorized person by the
owner (Burri, 2017). The processing of data depends entirely on the owner even for one or more
specific purposes. EU data-privacy law and regulations will be effective for controlling the
privacy practices regarding any company that belongs to the EU residents.
(3) The stakeholders of the business, that includes the business controller, the data
providers, the government, the organization and the users, shall keep in mind that according to
Article 9 of GDRPR, it is stated that if a data processed reveals the personal data of any user
regarding his or her ethnicity, religious belief, political opinion and other controversial issues,
the data has the potential to be prohibited (Kapiszewski, 2017). However, it can be justified if the
explicit content processing has more than one explanation. Although, there is no harmonized
legislative framework like the European Union in Bahrain.
(4) According to Article 20 of GDPR, cloud providers should assure the cloud users that
the data they are storing in the cloud storage will not be provided to someone who does not have
the authority to access the data legally.
According to the rest GCC countries: (1) Amiri Decree No. 15 of 1976 according to
Penal Code, states that privacy right of data belongs only to an individual and works against the
malicious hackers who tend to disclose unauthorized information.
(2) Constitution of the UAE of Federal Law 1 states that, Cloud service providers have to
offer high security techniques for data security (Alschner, Skougarevskiy & Wang, 2017).
Security must be provided to felicitate faster access to the data by the consumers. Infrastructure
used for the service has to be well documented and provided to the users on demand. Limitations

3CLOUD SERVICE PROVIDER INFRASTRUCTURE IN BAHRAIN
to the security measures have to be specified. State of conflicts has to be eliminated due to the
access of data by various cloud providers to ensure security. Proper guidance is provided to the
users for dealing with security issues.
(3) According to China Law No. 26 of 2015 on the Regulation of Data Dissemination and
Exchange in China, all the data related and managed by the China government should be marked
as open data or otherwise at least be made sure that is shared between authorized personnel only
(Kapiszewski, 2017). This is done to make sure that the data transmitted is propagated only
within China itself to ensure no other country gets access to intricate data of the country.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

4CLOUD SERVICE PROVIDER INFRASTRUCTURE IN BAHRAIN
Reference
Alschner, W., Skougarevskiy, D., & Wang, M. (2017). Champions of protection? A Text-as-data
analysis of the bilateral investment treaties of GCC countries. International review of
law, 2016(3), 5.
Burri, M. (2017). The Governance of Data and Data Flows in Trade Agreements: The Pitfalls of
Legal Adaptation. UCDL Rev., 51, 65.
Kapiszewski, A. (2017). Arab versus Asian migrant workers in the GCC countries. In South
Asian Migration To Gulf Countries (pp. 66-90). Routledge India.
Kittichaisaree, K. (2017). Public International Law of Cyberspace (Vol. 32). Springer.