Representing cloud infrastructure service providers in Europe
The nature of cloud infrastructure services and different cloud deployment models (IaaS, PaaS, SaaS) are often misunderstood. This lack of understanding is fuelling “one size fit all” policies that are out of touch with industry requirements – and underpin the need for a united voice to represent the views of European cloud infrastructure service providers.
Welcome to CISPE. Our membership currently includes companies operating 16 European countries – and we’re growing. Join us.
What we do
- Strongly advocate cloud first public procurement policies
- Promote coherent EU-wide security requirements and technical standards
- Support comprehensive privacy requirements with a Code of Conduct
- Work to keep the EU cloud infrastructure market open, competitive and free from lock-in
- Prevent unjustified content monitoring obligations in the EU legal framework
CISPE Code of Conduct for Cloud Infrastructure Services
This data protection code anticipates enforcement of the European Union’s General Data Protection Regulation (GDPR). It aligns with the strict requirements laid out in the GDPR framework to help cloud infrastructure providers comply and so avoid penalties while also offering a framework to help customers and end users to select cloud providers and trust their services.
The CISPE Code of Conduct :
- An effective, easily accessed framework for complying with the EU’s GDPR
- Excludes the re-use of customer data
- Enables data storage and processing exclusively within the EU
- Identifies cloud infrastructure services suitable for different types of data processing
- Helps citizens to retain control of their personal and sensitive data
Current list of services declared under the CISPE Code of Conduct
Declare a service
Declaring a service under the CISPE Code of Conduct
How to complain to the CISPE Data Protection Committee
European cloud infrastructure providers welcome the proposed Regulation on the ‘Free Flow of Data’ in the EU
CISPE, the voice of cloud infrastructure providers in Europe, has described the European Commission’s proposed regulation for the free flow of non-personal data as “a major step forward for Europe’s cloud industry” – adding that additional focus is still required in key areas including data security, self-regulation, data portability and protections for SMEs.
Our announcement of the first cloud infrastructures services declaring their adherence to the CISPE Data Protection Code of Conduct generated overwhelming interest across Europe and on the other side of the Atlantic.
E-Commerce Directive to address imbalance in GDPR liabilities for infrastructure cloud providers, says expert
The EU’s E-Commerce Directive should be updated to address an anomaly which exposes infrastructure cloud providers to potential liabilities for unlawful handling of personal data by their customers, even if they are not aware of their customers’ activities.