A new EU draft Cybersecurity Certification Scheme for Cloud Services will be reviewed by the European Cybersecurity Certification Group, Euractiv reports. The review will take place at the upcoming European Union Agency for Cybersecurity Conference 26 May. The new draft "maintains the sovereignty requirements to provide some guarantees about the independence from non-EU law." The proposal creates a new subcategory under the EU Cybersecurity Act, "high+," which requires cloud services be "operated only by companies based in the EU, with no entity from outside the EU having effective control over the (cloud service provider)."
New draft EU Cybersecurity Certification Scheme for Cloud Services under review
Related stories
Emerging trends, insights from public enforcement of US state privacy laws
Notes from the IAPP Canada: Building momentum to address youth privacy issues
How proposed AI enforcement moratorium cuts into US state-level powers
Notes from the Asia-Pacific region: Chinese regulators strengthen AI, data protection governance
Notes from the IAPP Europe: Data protection and AI in focus
