EU cloud code of conduct gets approval from privacy regulators

News General Europe 21 MEI 2021
EU cloud code of conduct gets approval from privacy regulators

Belgium's Data Protection Authority announced the approval of a new international code of conduct for cloud service providers, laying out best practices for compliance with the EU's privacy legislation. The EU Cloud CoC is expected to make it easier for customers to check a service provider's compliance and whether they meet the requirements of the personal data protection rules.

The approval follows the EU Cloud CoC receiving a positive opinion on 19 May from the European Data Protection Board, which brings together all the national privacy regulators in the EU. In addition to approving the code, the Belgian regulator accredited Scope Europe to oversee implementation of the code. Scope will ensure that providers who sign up for the code live up to its tenets.

The code is expected to support a uniform application of the EU's General Data Protection Regulation across the different EU states. It looks specifically at application of article 28 of the GDPR on the requirements for processing personal data and how this applies for IaaS, SaaS and PaaS cloud service providers. 

Microsoft Azure was the first company to announce its compliance with the code, while other major players like Google Cloud, Alibaba Cloud and IBM are also mentioned on the Cloud CoC website. They have all received level 2 compliance with the code, while Austria-based Fabasoft said it was the first to achieve level 3 compliance, the highest possible. 

The EDPB also approved at its latest meeting the CISPE Data Protection Code of Conduct. Submitted by the French regulator Cnil, this code covers specifically cloud infrastructure providers (IaaS) and their compliance with the GDPR. It is aimed especially at organisations looking to ensure their data remains hosted in the EU. 

Categories:

General

Companies:

MicrosoftGoogleAlibabaIBM

Regions:

Europe

Tags:

Data services, Network Access, Hosting - cloud - data centres, Regulations, IT - applications, Information services

Related Articles

EUROPE 28 JUL

European Commission regains GDPR compliance for Microsoft 365 use

The European Commission has regained compliance with the EU's personal data legislation in its use of Microsoft 365 software, the European Data Protection Supervisor (EDPS) announced. The EDPS has been working for over a year with the EU's executive body to make sure it complies with the General Data Protection Regulation, and especially that personal data of EU residents is not exposed to potential misuse when sent outside the EU by Microsoft.

EUROPE 18 JUL

Microsoft grants European cloud providers better terms for local server software hosting

Cloud service providers in Europe have reached a deal with Microsoft on more advantageous terms for offering Microsoft server software on their own cloud infrastructure. They will be able to offer pay-as-you-go pricing for popular products Windows Server and SQL Server on terms similar to Microsoft's own cloud platform Azure.

EUROPE 8 FEB 2024

European cloud providers push Microsoft for concessions in competition suit

The association of European cloud service providers Cispe has set a deadline of Q1 2024 for progress in its dispute with Microsoft over alleged unfair software licensing terms. They have already been in discussions for more than a year, since Cispe and some of its members filed complaints with EU competition authorities. 

EUROPE 4 OKT 2023

Microsoft works with Dutch, Italian partners on sovereign cloud ahead of December launch

The Microsoft Cloud for Sovereignty is open in a public preview, and the company said it plans to make it generally available this December. First announced last year, the Microsoft Cloud for Sovereignty builds on Azure services developed in Europe to response to local legislation requiring greater data protection and domestic data storage and processing. 

EUROPE 27 MRT 2023

EU states reach agreement on law to support cloud data portability

The EU countries have reached agreement on the proposed Data Act, designed to make it easier to share and transfer business data, including in the cloud. The agreement among their representatives will allow the start of negotiations with the European Parliament on a final text for the new law. The Parliament approved its version of the text earlier in March. 

NETHERLANDS 5 SEP 2022

Dutch regulator calls for changes to Data Act to support cloud services competition

More changes are needed to the EU's proposed Data act to stimulate competition between cloud providers, according to the Consumer and Markets Authority in the Netherlands. It's already difficult for enterprise users to change cloud provider, a study by the competition regulator found.

NETHERLANDS 22 AUG 2022

NLdigital delays data protection code until 2023

Dutch industry group NLdigital announced it will take another six months, until March 2023, to develop its Data Pro Code. The national data protection authority AP agreed to the delay in the accreditation process for the code.

GLOBAL 20 JUL 2022

Microsoft targets public sector with new Cloud for Sovereignty services

Microsoft has announced a big push into so-called sovereign cloud services, offering extra security and personal data compliance terms for public sector customers. The Microsoft Cloud for Sovereignty builds on Azure services developed already in Europe to response to local legislation requiring greater data protection and domestic data storage and processing. The new offering is available to preview already in select locations from Microsoft data centres, the company announced at its 'Inspire 2022' event. 

EUROPE 23 MEI 2022

Cloudflare joins EU Cloud Code of Conduct

Cloudflare announced it has joined the EU Cloud Code of Conduct to help more organisations to adopt GDPR-compliant cloud services. Cloudflare also announced it achieved two new cloud security certifications: ISO/IEC 27018:2019 and C5 – Cloud Computing Compliance Criteria Catalog – introduced by the Federal Office for Information Security in Germany.

EUROPE 19 MEI 2022

Microsoft eases cloud licensing practices in Europe

Microsoft said it has adopted a new set of principles and initiatives for its cloud services in Europe, after "concerns" raised by competing cloud providers about its software licensing practices. The move follows a competition complaint filed by OVHcloud with the European Commission, which claimed Microsoft was abusing its dominant position in the cloud computing services market, undermining fair competition and limiting consumer choice. President Brad Smith noted that while not all of the claims were vali

EUROPE 17 MRT 2022

OVHcloud files competition complaint against Microsoft with EU

OVHcloud has filed a competition complaint against Microsoft with the European Commission. The complaint focuses on the way Microsoft licenses its products, such as its Office productivity suite, that may make it more expensive to use cloud services that compete with Microsoft's Azure cloud, people familiar with the complaint told the Wall Street Journal.

EUROPE 22 FEB 2022

Dutch govt legal assessment finds privacy risks still in Microsoft cloud services

Microsoft has improved its data processing policies on Teams, OneDrive and SharePoint, but there remain risks for sensitive personal data handled over the cloud applications, according to a legal assessment conducted by Privacy Company for the Dutch government and research network Surf. It found that Microsoft has taken measures to remedy the six high risks to privacy flagged earlier, but the report recommends that organisations not use these cloud services to exchange or store sensitive and special categor

BELGIUM 24 NOV 2021

Microsoft unveils major investment plans for data centre region in Belgium

Microsoft has unveiled a major new investment project in Belgium, saying it will build a new data centre region and help Belgium generate up to EUR 31.5 billion in new revenue and 60,000 more jobs to its economy over the coming four years, according to estimates from IDC.

GERMANY 8 SEP 2021

Google Cloud partners T-Systems for sovereign cloud services in Germany

T-Systems and Google Cloud are expanding their partnership to deliver 'sovereign cloud' services in Germany. These services target businesses, the public sector, healthcare organizations and other bodies that want to keep data stored in Germany and in compliance with local data protection legislation.

FRANCE 1 SEP 2021

Google to appeal EUR 500 mln fine from France's Competition Authority

Google said it is appealing the decision by France's competition watchdog to impose a fine of EUR 500 million on the company for failing to comply in full with the ruling issued last year about its remuneration contracts with press publishers, Agence France Presse reported. Google France head Sebastien Missofe said the company's disagrees with some of the legal elements of the ruling and also believes the fine is too large considering the efforts made by Google to reach a deal and respect the new law.

Just In

19 DEC 16:42

SLT-Mobitel launches 5G network in Sri Lanka

19 DEC 16:19

Dialog Axiata launches 5G network, connects 1.5 million subscribers

19 DEC 15:56

UK govt to ban AI-enabled nudification apps to protect women, girls

19 DEC 15:42

3 UK launches last-minute Christmas sale

Commentary

13:56

Video market set for slower growth ahead

11:38

Netflix buys Warner Bros to deepen content catalogue

11:11

KPN's mixed performance in Q3 raises questions for strategy day

15:26

Stock markets breaking records but what happened to Odido's IPO plans?

Background

01:04

The week in telecom: Wi-Fi bolt-ons take off to boost broadband growth, video market works on consolidation

01:39

The week in telecom: Netflix wins bidding for Warner Bros, Apple poaches new execs, Samsung debuts trifold

13:51

Proximus vs. Telenet: Proximus performs better in Q3 while Telenet uses up cash

14:16

Proximus Domestic still struggling with low margins

Complete profile

Before downloading the whitepaper, we would like to ask you to complete your profile with company and position. After confirming you will receive the white paper.