We joined the high-level data economy conference in Helsinki, hosted by the Finnish EU Presidency. In this context, the multi-stakeholder group SWIPO (Switching Cloud Service Providers and Porting Data) officially presented two Codes of Conduct to enable proper application of the Article 6 “Porting of Data” of the EU Free Flow of Data Regulation.
At the German Digital Summit 2019, a concept for a GDPR Code of Conduct on pseudonymization, which we helped to develop, was published. We also share our take on the official recommendations of the data-ethics-commission, a multi-stakeholder working group installed by the German government advising on the ethical use of data.
We'll join the European Commission's DSM cloud stakeholder conference in Warsaw, and the SWIPO (cloud switching/porting data) working group will give an update on their progress. Before Warsaw, we also traveled to Brasilia to discuss lessons learned under GDPR for the new Brazilian privacy law LGPB, and joined the privacy conference in Berlin.
Together with a team of different sectors we developed a first set of clauses for the processor to processor environment under GDPR. The goal was to propose a comprehensive and accurate regime, while safeguarding a high level of data protection for third country transfers and ensure that in particular small and medium-sized companies could rely on such clauses.
At the official stock taking event of GDPR, Commissioner Jourová highlighted the role of Codes of Conduct - corresponding, the EDPB released and adopted the final version of the guidelines on Codes of Conduct and Monitoring Bodies. The SWIPO working group makes significant progress and initiated a call for applications to host SWIPO as a legal entity.
Iit was time to take stock of Europe's new privacy rules: Dr. Nils Hullen, IBM Government and Regulatory Affairs Executive, spotlights the role of the EU Cloud Code of Conduct as "a contributor to a higher level of data privacy, transparency and accountability". The EDPB shared a recap, providing useful insights on the workload of Supervisory Authorities.
The EU Cloud Code of Conduct General Assembly reached a crucial milestone earlier this month: The General Assembly has now completed its extensive revision of the Code, further developing the substance of the Code and aligning its provisions to GDPR.
EDPB's guidelines on Codes of Conduct and Monitoring Bodies are keeping us busy, drafting our response and comments. We are also preparing the next meeting of the SWIPO working group at the DSM cloud stakeholder meeting in Berlin! We also participated in the eHealth Summit (Lisbon) presenting on GDPR's privacy challenges and opportunities.
The EDPB released their guidelines on Codes of Conduct and Monitoring Bodies under GDPR. These guidelines are also crucial for the further work on the EU Cloud Code of Conduct. Speaking of Codes of Conduct: We participated in the DSM Cloud Stakeholder meeting in Madrid, as our Managing Director presented on the governance of the SWIPO Code of Conduct.
This month, we wanted to flag two important public consultations in the cloud sector for you: First, the SWIPO (Cloud Switching and Porting Data) Working Group invites stakeholders to share their feedback on the SaaS Code of Conduct. Also the sister-working group CSPCERT launched a public consultation on the Cloud Security Certification framework.