Brussels, November 20th, 2018. The EU Cloud Code of Conduct (EU Cloud CoC) General Assembly has released a revised version of the Code.
After publishing an updated version of the Code of Conduct aligned to GDPR in May this year, cloud service providers (CSPs) in the EU Cloud Code of Conduct General Assembly continued improving the Code provisions and the governance overseeing the Code, resulting in the new version of the Code. We have added value by strengthening the transparency obligations of the Code and becoming more user focused – paying closer attention to the needs of customers and the data subjects, covering areas in which GDPR does not set out transparency obligations.
Further, the EU Cloud CoC General Assembly has now included specific controls in the Code, with precise requirements which CSPs adhering to the Code must meet. These controls are linked to the so-called Controls Catalogue, a binding implementation guide accompanying the Code and aligning its provisions to GDPR and European and international security and data privacy certification schemes and standards.
“This is another milestone in the development of the EU Cloud CoC – we have been working closely with all stakeholders over the last months to find the right balance between innovation in cloud and high standards of data protection”, said Jonathan Sage, Government and Regulatory Affairs Executive at IBM and Chairman of the EU Cloud CoC General Assembly.
Background
Founded in February 2017 after four years of close collaboration between the European Commission and the cloud computing community, the EU Cloud Code of Conduct aims to increase transparency in the European cloud market and to enable CSPs to demonstrate their capability to comply with GDPR.
The EU Cloud Code of Conduct General Assembly, growing continuously and representing European and multinational companies and organizations as well as small- and medium-sized providers, is open to organizations of all cloud sectors (IaaS, PaaS, SaaS).