The European Commission tasked the European Union Agency for Cybersecurity with adding data sovereignty requirements to the draft Cybersecurity Certification Scheme for Cloud Services, Euractiv reports. The strategy would be near-identical to France’s cybersecurity certification regime, SecNumCloud. Under the draft scheme, maintenance, operations and data processed by cloud service providers would have to be located in the EU. Non-European access would be guaranteed by mandating cloud service providers be headquartered in the EU.
17 June 2022
European Commission requests data sovereignty requirements for cloud services certification scheme
Related stories
Notes from the IAPP Canada: Ontario IPC shares enforcement philosophy with law students
Notes from the IAPP Europe: Wrapping up November with the IAPP DPC
Ireland's DPC details legitimate interest prong of its LinkedIn enforcement action
What the new European Commission could mean for digital regulation
IAPP DPC 2024: Reynders discusses GDPR enforcement harmonization, adequacy developments