Future EU data protection legislation is set to increase the risk of huge fines for businesses who utilise the cloud.
That was the warning delivered by Vinod Bange, a top London-based IT lawyer, as the EU proposes new laws to penalise data breaches.
Bange said: "Regulatory sanctions have gone way off the scale in terms of what we are used to right now. The sting in the tail, which did not exist before, is that there is a provision to calculate a fine that is based on a percentage of annual global turnover. That's big news and a big change.
"Organisations have moved on so much since the original legislation in 1995. In this globalised, outsourced, social media, cloud driven environment, you could end up with a third tier fine."
The EU is proposing three tiers of fines, the first of which runs up to £209,000 or 0.5 per cent of turnover, the second up to £418,000 or 1 per cent of turnover. The top tier allows for a fine of up to £837,000 or 2 per cent of turnover.
The latter could be a potentially massive fine to the tune of hundreds of millions, with tier three penalties relating to international data transfers. Businesses using the cloud, and data centres across the globe, could be more vulnerable to this massive whack of a fine.
Currently, the ICO's maximum imposition for those who aren't careful with their data is a £500,000 penalty.