Upcoming changes for Data Protection in the Cloud

The new rules imposed by the recently adopted EU General Data Protection Regulation (GDPR) are about to significantly impact the cloud industry, whether in the EU or further abroad. From May 2018, any organisation or company that collects, uses or shares personal information about European citizens/customers will have to demonstrate compliance with this legal instrument. 

During the second SeCloud brokerage event on 17 October, Ioulia Konstantinou from VUB Research Group on Law, Science, Technology & Society, will elaborate on the GDPR in the presentation "The EU General Data Protection Regulation: Upcoming changes for Data Protection in the Cloud". 

This talk will reflect on the legal research conducted so far in the context of SeCloud project. The presentation will focus on some aspects of the GDPR that incur challenges in the cloud environment. First, the GDPR applicability issues will be discussed. This law applies to a company even if it merely markets goods or services in the EU zone, despite having a formal presence in the EU. The new criterion of territoriality is the collection and storage of EU citizens’ personal data. 

Secondly, the new rules regarding liability for data breaches and security violations will be introduced: for the first time data processors (cloud providers) are put on an equal footing with data controllers regarding compliance, in contrast with the current Data Protection Directive, which imposes legal obligations on the data controller only. 

Last but not least, the notion of accountability will be explained, along with the new privacy by default/by design and security measures provisions that aim at increasing security and privacy consciousness of software developers. 

Do you want to know more about GDPR? Come to the second SeCloud Brokerage event. Take a peek in our agenda!

 

The SeCloud project is fully supported by :