The countdown to the EU Data Act deadline has already started. Although the obligations to facilitate customer switching and data portability are not applicable until September 2025 (other than the gradual removal of switching charges), both CISPE members and their customers are keen to quickly identify cloud infrastructure services that meet these requirements.
CISPE believes that a practical and results-based approach to the entire switching process is required. An effective mechanism for cloud providers to audit and publish (and for customers to identify) EU Data Act compliant services will be essential to the Act’s successful implementation. CISPE’s work will also further inform parallel initiatives driven by the European Commission, such as the contractual aspects of the Act.
CISPE’s Cloud Switching Framework, published here today, is a practical service declaration framework that covers the entire switching process. The Framework provides comprehensive guidelines and technical requirements to help vendors and cloud customers to operationalize compliance with the upcoming obligations around data portability and switching.
The CISPE Cloud Switching Framework covers:
- Transparency: Cloud providers must give customers clear, detailed information on the switching process, including procedures, data formats, costs, and technical limitations.
- Contractual Obligations: Contract between customers and cloud providers must allow the customer to switch or use multiple providers, and it must specify the provider’s switching assistance obligations, data export requirements, and termination procedures.
- Initiation of Switching: Cloud providers must offer designated channels for customers to notify a switching request and to track progress of such requests.
- Technical Requirements: Cloud providers must make open interfaces, data export tools, and other technical capabilities available to facilitate switching while ensuring data security.
- Termination: The cloud provider must close the customer account once the customer confirms completion of the switch and requests closure, which will result in termination of the contract between the parties.
The CISPE Framework builds on the association’s longstanding work in developing cloud codes of conduct and best practices around data protection, sustainability, portability and interoperability. From today, cloud service providers can use the CISPE Framework to self-assess their compliance and evaluate how well their existing cloud switching policies and procedures align with the industry-agreed best practices. They can identify any areas for improvement and work towards compliance with the Data Act in advance of the deadline. Interested vendors can apply to use the framework here.
Commenting on the CISPE Framework for Cloud Switching, Francisco Mingorance, Secretary General, said:
“CISPE has a track record of delivering effective, easy to implement and powerful tools that help cloud service providers and their customers comply with regulation and best practice. At the heart of CISPE’s value is its ability to convene not only leading vendors, but also leading customers and customer organizations to effectively operationalize the implementation of cloud regulations. This Framework continues this leadership by further equipping European cloud providers and customers of all sizes with a clear roadmap to facilitate smooth, standardized customer switching ahead of the Data Act’s 2025 enforcement.”