Publications

The purpose of this Buying Cloud Services Handbook is to provide guidance to those Cloud customers wishing to purchase Cloud Services through a competitive procurement process (Cloud Services Request for Proposal- RFP), but lacking the expertise to draft a Cloud Framework Agreement.

 This document is provided for informational purposes only. It has not been developed in accordance with legal requirements for public procurement processes within any particular country or region.

The handbook also looks as additional selection criteria language for Call Offs or Mini Competitions when purchasing off of a Cloud Framework Agreement. The sections of the handbook are organized to resemble a generic IT RFP. Sample generic RFP and selection criteria language is accompanied by commentary to help understand why a cloud RFP is different from a traditional IT RFP.

Brussels, 02/04/2019 – CISPE, the alliance of Cloud Infrastructure Services Providers in Europe, provided comments to the comments on the Guidelines 1/2019 on Codes of Conduct and Monitoring Bodies under Regulation 2016/679

The European Data Protection Board organised a public consultation for interested stakeholders to comments on the Guidelines 1/2019 on Codes of Conduct and Monitoring Bodies under Regulation 2016/679. CISPE used the opportunity and provided cloud infrastructure industry position, that could be found here.

Brussels, 06/12/2018 – CISPE, the alliance of Cloud Infrastructure Services Providers in Europe, describes the European Council’s proposal as “technically unworkable and targeting the wrong actors”. CISPE is urging the European Parliament to clarify the proposed rules and to make them fit for purpose and consistent with the GDPR privacy protections enacted barely six months ago.

The Regulation will obligate cloud infrastructure providers to proactively scan, filter and remove data, covering all enterprise and government data running across cloud infrastructure services. CISPE maintains this cannot be the intention of the legislator and so this needs to be clarified in the Regulation, which targets the wrong players. It is technically impossible for cloud infrastructure to deliver what is requested.

“CISPE companies already co-operate fully with the authorities in fighting terrorist content,” says Alban Schmutz, CISPE Chairman and VP Strategic Development & Public Affairs, OVH. “The rules adopted today are designed for online content sharing services like social media and content sharing platforms that can access, monitor data and content made available by their end-users. Even if the automated proactive measures (Article 6) contemplated in the Regulation were to be developed in the future, they would require cloud infrastructure providers to proactively ‘snoop’ on all customers – imposing blanket scanning, filtering and data removal obligations”.

CISPE urges European legislators to clarify the scope of the Regulation to include rules that are clear, workable and proportionate, and do not put the entire cloud infrastructure sector in Europe at risk.

Brussels, 27/11/2018 – CISPE, the alliance of Cloud Infrastructure Services Providers in Europe, is raising major concerns about the scope of the European Commission’s proposed Regulation covering terrorist content online. CISPE believes the Regulation, which asks infrastructure providers to scan and monitor all enterprise data running across there services, is targeting the wrong players and is not technically possible.

 “CISPE and its members support the intention of the Regulation and already fully co-operate with judiciary authorities and court orders to fight terrorism content,” says Alban Schmutz, CISPE Chairman and VP Strategic Development & Public Affairs, OVH. “However, including cloud infrastructure providers in the legislation means the wrong players are being targeted.”

“Unlike social media platforms, video and other online content sharing services that have control down to the most granular piece of content made available on their platforms by their users – these are the primary targets of the Regulation – cloud infrastructure providers have no control or access to the data stored by their customers, or over how and when such data is made available to the public. For us, the Regulation is like asking a mechanic from the company that runs the motorway to repair any faulty car running through the motorway.”

Cloud Infrastructure Services Providers in Europe (CISPE) welcomes the opportunity to provide its views on the European Commission’s proposal for a Regulation on preventing the dissemination of terrorist content online (the “Regulation”).  CISPE fully supports the intention and ambitions of the Regulation. However, including cloud infrastructure providers in the scope means the wrong players are being targeted. Cloud infrastructure providers must be exempted from the Regulation. This needs to be clarified in the proposed law.

CISPE commits to creating the first ever Cloud Infrastructure Data Portability Code of Conduct after EU Regulation on free flow of data agreed

CISPE Press Release on the adoption of the Free Flow of Data Regulation

CISPE Response to the EBA consultation on Guidelines on outsourcing

CISPE Response to the Public consultation on Ecodesign requirements on enterprise servers and data storage products

Europe’s cloud infrastructure service providers ‘welcome GDPR and the protections it provides to cloud customers’

Every Day is Data Protection Day for cloud infrastructure service providers in Europe

European cloud infrastructure providers in Europe response to the public consultation on the draft Regulation proposal on a framework for the free flow of non-personal data in the EU.

European cloud infrastructure providers in Europe response to the public consultation on Article 29 Working Party draft guidelines on data breach notifications.

European cloud infrastructure providers in Europe response to the public consultation on improving cross-border access to electronic evidence in criminal matters.

European cloud infrastructure providers in Europe response to the public consultation on the draft Implementing Regulation on security and notification obligations for Digital Service.

European cloud infrastructure providers welcome the proposed Regulation on the ‘Free Flow of Data’ in the EU

Cloud Infrastructure Services Providers operating in Europe declare compliance with CISPE Data Protection Code of Conduct

Download : Press Release French FR – Press Release Italian IT – Press Release Nederland NL – Press Release Bulgarian BG

CISPE Code of Conduct

Brussels, 02/04/2019 – CISPE, the alliance of Cloud Infrastructure Services Providers in Europe, provided comments to the comments on the Guidelines 1/2019 on Codes of Conduct and Monitoring Bodies under Regulation 2016/679

The European Data Protection Board organised a public consultation for interested stakeholders to comments on the Guidelines 1/2019 on Codes of Conduct and Monitoring Bodies under Regulation 2016/679. CISPE used the opportunity and provided cloud infrastructure industry position, that could be found here.

Brussels, 06/12/2018 – CISPE, the alliance of Cloud Infrastructure Services Providers in Europe, describes the European Council’s proposal as “technically unworkable and targeting the wrong actors”. CISPE is urging the European Parliament to clarify the proposed rules and to make them fit for purpose and consistent with the GDPR privacy protections enacted barely six months ago.

The Regulation will obligate cloud infrastructure providers to proactively scan, filter and remove data, covering all enterprise and government data running across cloud infrastructure services. CISPE maintains this cannot be the intention of the legislator and so this needs to be clarified in the Regulation, which targets the wrong players. It is technically impossible for cloud infrastructure to deliver what is requested.

“CISPE companies already co-operate fully with the authorities in fighting terrorist content,” says Alban Schmutz, CISPE Chairman and VP Strategic Development & Public Affairs, OVH. “The rules adopted today are designed for online content sharing services like social media and content sharing platforms that can access, monitor data and content made available by their end-users. Even if the automated proactive measures (Article 6) contemplated in the Regulation were to be developed in the future, they would require cloud infrastructure providers to proactively ‘snoop’ on all customers – imposing blanket scanning, filtering and data removal obligations”.

CISPE urges European legislators to clarify the scope of the Regulation to include rules that are clear, workable and proportionate, and do not put the entire cloud infrastructure sector in Europe at risk.

Brussels, 27/11/2018 – CISPE, the alliance of Cloud Infrastructure Services Providers in Europe, is raising major concerns about the scope of the European Commission’s proposed Regulation covering terrorist content online. CISPE believes the Regulation, which asks infrastructure providers to scan and monitor all enterprise data running across there services, is targeting the wrong players and is not technically possible.

 “CISPE and its members support the intention of the Regulation and already fully co-operate with judiciary authorities and court orders to fight terrorism content,” says Alban Schmutz, CISPE Chairman and VP Strategic Development & Public Affairs, OVH. “However, including cloud infrastructure providers in the legislation means the wrong players are being targeted.”

“Unlike social media platforms, video and other online content sharing services that have control down to the most granular piece of content made available on their platforms by their users – these are the primary targets of the Regulation – cloud infrastructure providers have no control or access to the data stored by their customers, or over how and when such data is made available to the public. For us, the Regulation is like asking a mechanic from the company that runs the motorway to repair any faulty car running through the motorway.”

Cloud Infrastructure Services Providers in Europe (CISPE) welcomes the opportunity to provide its views on the European Commission’s proposal for a Regulation on preventing the dissemination of terrorist content online (the “Regulation”).  CISPE fully supports the intention and ambitions of the Regulation. However, including cloud infrastructure providers in the scope means the wrong players are being targeted. Cloud infrastructure providers must be exempted from the Regulation. This needs to be clarified in the proposed law.

CISPE commits to creating the first ever Cloud Infrastructure Data Portability Code of Conduct after EU Regulation on free flow of data agreed

CISPE Press Release on the adoption of the Free Flow of Data Regulation

CISPE Response to the EBA consultation on Guidelines on outsourcing

CISPE Response to the Public consultation on Ecodesign requirements on enterprise servers and data storage products

Europe’s cloud infrastructure service providers ‘welcome GDPR and the protections it provides to cloud customers’

Every Day is Data Protection Day for cloud infrastructure service providers in Europe

European cloud infrastructure providers in Europe response to the public consultation on the draft Regulation proposal on a framework for the free flow of non-personal data in the EU.

European cloud infrastructure providers in Europe response to the public consultation on Article 29 Working Party draft guidelines on data breach notifications.

European cloud infrastructure providers in Europe response to the public consultation on improving cross-border access to electronic evidence in criminal matters.

European cloud infrastructure providers in Europe response to the public consultation on the draft Implementing Regulation on security and notification obligations for Digital Service.

European cloud infrastructure providers welcome the proposed Regulation on the ‘Free Flow of Data’ in the EU

Cloud Infrastructure Services Providers operating in Europe declare compliance with CISPE Data Protection Code of Conduct

Download : Press Release French FR – Press Release Italian IT – Press Release Nederland NL – Press Release Bulgarian BG

CISPE Code of Conduct

Brussels, 02/04/2019 – CISPE, the alliance of Cloud Infrastructure Services Providers in Europe, provided comments to the comments on the Guidelines 1/2019 on Codes of Conduct and Monitoring Bodies under Regulation 2016/679

The European Data Protection Board organised a public consultation for interested stakeholders to comments on the Guidelines 1/2019 on Codes of Conduct and Monitoring Bodies under Regulation 2016/679. CISPE used the opportunity and provided cloud infrastructure industry position, that could be found here.

Brussels, 06/12/2018 – CISPE, the alliance of Cloud Infrastructure Services Providers in Europe, describes the European Council’s proposal as “technically unworkable and targeting the wrong actors”. CISPE is urging the European Parliament to clarify the proposed rules and to make them fit for purpose and consistent with the GDPR privacy protections enacted barely six months ago.

The Regulation will obligate cloud infrastructure providers to proactively scan, filter and remove data, covering all enterprise and government data running across cloud infrastructure services. CISPE maintains this cannot be the intention of the legislator and so this needs to be clarified in the Regulation, which targets the wrong players. It is technically impossible for cloud infrastructure to deliver what is requested.

“CISPE companies already co-operate fully with the authorities in fighting terrorist content,” says Alban Schmutz, CISPE Chairman and VP Strategic Development & Public Affairs, OVH. “The rules adopted today are designed for online content sharing services like social media and content sharing platforms that can access, monitor data and content made available by their end-users. Even if the automated proactive measures (Article 6) contemplated in the Regulation were to be developed in the future, they would require cloud infrastructure providers to proactively ‘snoop’ on all customers – imposing blanket scanning, filtering and data removal obligations”.

CISPE urges European legislators to clarify the scope of the Regulation to include rules that are clear, workable and proportionate, and do not put the entire cloud infrastructure sector in Europe at risk.

Brussels, 27/11/2018 – CISPE, the alliance of Cloud Infrastructure Services Providers in Europe, is raising major concerns about the scope of the European Commission’s proposed Regulation covering terrorist content online. CISPE believes the Regulation, which asks infrastructure providers to scan and monitor all enterprise data running across there services, is targeting the wrong players and is not technically possible.

 “CISPE and its members support the intention of the Regulation and already fully co-operate with judiciary authorities and court orders to fight terrorism content,” says Alban Schmutz, CISPE Chairman and VP Strategic Development & Public Affairs, OVH. “However, including cloud infrastructure providers in the legislation means the wrong players are being targeted.”

“Unlike social media platforms, video and other online content sharing services that have control down to the most granular piece of content made available on their platforms by their users – these are the primary targets of the Regulation – cloud infrastructure providers have no control or access to the data stored by their customers, or over how and when such data is made available to the public. For us, the Regulation is like asking a mechanic from the company that runs the motorway to repair any faulty car running through the motorway.”

Cloud Infrastructure Services Providers in Europe (CISPE) welcomes the opportunity to provide its views on the European Commission’s proposal for a Regulation on preventing the dissemination of terrorist content online (the “Regulation”).  CISPE fully supports the intention and ambitions of the Regulation. However, including cloud infrastructure providers in the scope means the wrong players are being targeted. Cloud infrastructure providers must be exempted from the Regulation. This needs to be clarified in the proposed law.

CISPE commits to creating the first ever Cloud Infrastructure Data Portability Code of Conduct after EU Regulation on free flow of data agreed

CISPE Press Release on the adoption of the Free Flow of Data Regulation

CISPE Response to the EBA consultation on Guidelines on outsourcing

CISPE Response to the Public consultation on Ecodesign requirements on enterprise servers and data storage products

Europe’s cloud infrastructure service providers ‘welcome GDPR and the protections it provides to cloud customers’

Every Day is Data Protection Day for cloud infrastructure service providers in Europe

European cloud infrastructure providers in Europe response to the public consultation on the draft Regulation proposal on a framework for the free flow of non-personal data in the EU.

European cloud infrastructure providers in Europe response to the public consultation on Article 29 Working Party draft guidelines on data breach notifications.

European cloud infrastructure providers in Europe response to the public consultation on improving cross-border access to electronic evidence in criminal matters.

European cloud infrastructure providers in Europe response to the public consultation on the draft Implementing Regulation on security and notification obligations for Digital Service.

European cloud infrastructure providers welcome the proposed Regulation on the ‘Free Flow of Data’ in the EU

Cloud Infrastructure Services Providers operating in Europe declare compliance with CISPE Data Protection Code of Conduct

Download : Press Release French FR – Press Release Italian IT – Press Release Nederland NL – Press Release Bulgarian BG

CISPE Code of Conduct

Brussels, 02/04/2019 – CISPE, the alliance of Cloud Infrastructure Services Providers in Europe, provided comments to the comments on the Guidelines 1/2019 on Codes of Conduct and Monitoring Bodies under Regulation 2016/679

The European Data Protection Board organised a public consultation for interested stakeholders to comments on the Guidelines 1/2019 on Codes of Conduct and Monitoring Bodies under Regulation 2016/679. CISPE used the opportunity and provided cloud infrastructure industry position, that could be found here.

Brussels, 06/12/2018 – CISPE, the alliance of Cloud Infrastructure Services Providers in Europe, describes the European Council’s proposal as “technically unworkable and targeting the wrong actors”. CISPE is urging the European Parliament to clarify the proposed rules and to make them fit for purpose and consistent with the GDPR privacy protections enacted barely six months ago.

The Regulation will obligate cloud infrastructure providers to proactively scan, filter and remove data, covering all enterprise and government data running across cloud infrastructure services. CISPE maintains this cannot be the intention of the legislator and so this needs to be clarified in the Regulation, which targets the wrong players. It is technically impossible for cloud infrastructure to deliver what is requested.

“CISPE companies already co-operate fully with the authorities in fighting terrorist content,” says Alban Schmutz, CISPE Chairman and VP Strategic Development & Public Affairs, OVH. “The rules adopted today are designed for online content sharing services like social media and content sharing platforms that can access, monitor data and content made available by their end-users. Even if the automated proactive measures (Article 6) contemplated in the Regulation were to be developed in the future, they would require cloud infrastructure providers to proactively ‘snoop’ on all customers – imposing blanket scanning, filtering and data removal obligations”.

CISPE urges European legislators to clarify the scope of the Regulation to include rules that are clear, workable and proportionate, and do not put the entire cloud infrastructure sector in Europe at risk.

Brussels, 27/11/2018 – CISPE, the alliance of Cloud Infrastructure Services Providers in Europe, is raising major concerns about the scope of the European Commission’s proposed Regulation covering terrorist content online. CISPE believes the Regulation, which asks infrastructure providers to scan and monitor all enterprise data running across there services, is targeting the wrong players and is not technically possible.

 “CISPE and its members support the intention of the Regulation and already fully co-operate with judiciary authorities and court orders to fight terrorism content,” says Alban Schmutz, CISPE Chairman and VP Strategic Development & Public Affairs, OVH. “However, including cloud infrastructure providers in the legislation means the wrong players are being targeted.”

“Unlike social media platforms, video and other online content sharing services that have control down to the most granular piece of content made available on their platforms by their users – these are the primary targets of the Regulation – cloud infrastructure providers have no control or access to the data stored by their customers, or over how and when such data is made available to the public. For us, the Regulation is like asking a mechanic from the company that runs the motorway to repair any faulty car running through the motorway.”

Cloud Infrastructure Services Providers in Europe (CISPE) welcomes the opportunity to provide its views on the European Commission’s proposal for a Regulation on preventing the dissemination of terrorist content online (the “Regulation”).  CISPE fully supports the intention and ambitions of the Regulation. However, including cloud infrastructure providers in the scope means the wrong players are being targeted. Cloud infrastructure providers must be exempted from the Regulation. This needs to be clarified in the proposed law.

CISPE commits to creating the first ever Cloud Infrastructure Data Portability Code of Conduct after EU Regulation on free flow of data agreed

CISPE Press Release on the adoption of the Free Flow of Data Regulation

CISPE Response to the EBA consultation on Guidelines on outsourcing

CISPE Response to the Public consultation on Ecodesign requirements on enterprise servers and data storage products

Europe’s cloud infrastructure service providers ‘welcome GDPR and the protections it provides to cloud customers’

Every Day is Data Protection Day for cloud infrastructure service providers in Europe

European cloud infrastructure providers in Europe response to the public consultation on the draft Regulation proposal on a framework for the free flow of non-personal data in the EU.

European cloud infrastructure providers in Europe response to the public consultation on Article 29 Working Party draft guidelines on data breach notifications.

European cloud infrastructure providers in Europe response to the public consultation on improving cross-border access to electronic evidence in criminal matters.

European cloud infrastructure providers in Europe response to the public consultation on the draft Implementing Regulation on security and notification obligations for Digital Service.

European cloud infrastructure providers welcome the proposed Regulation on the ‘Free Flow of Data’ in the EU

Cloud Infrastructure Services Providers operating in Europe declare compliance with CISPE Data Protection Code of Conduct

Download : Press Release French FR – Press Release Italian IT – Press Release Nederland NL – Press Release Bulgarian BG

CISPE Code of Conduct

Brussels, 02/04/2019 – CISPE, the alliance of Cloud Infrastructure Services Providers in Europe, provided comments to the comments on the Guidelines 1/2019 on Codes of Conduct and Monitoring Bodies under Regulation 2016/679

The European Data Protection Board organised a public consultation for interested stakeholders to comments on the Guidelines 1/2019 on Codes of Conduct and Monitoring Bodies under Regulation 2016/679. CISPE used the opportunity and provided cloud infrastructure industry position, that could be found here.

Brussels, 06/12/2018 – CISPE, the alliance of Cloud Infrastructure Services Providers in Europe, describes the European Council’s proposal as “technically unworkable and targeting the wrong actors”. CISPE is urging the European Parliament to clarify the proposed rules and to make them fit for purpose and consistent with the GDPR privacy protections enacted barely six months ago.

The Regulation will obligate cloud infrastructure providers to proactively scan, filter and remove data, covering all enterprise and government data running across cloud infrastructure services. CISPE maintains this cannot be the intention of the legislator and so this needs to be clarified in the Regulation, which targets the wrong players. It is technically impossible for cloud infrastructure to deliver what is requested.

“CISPE companies already co-operate fully with the authorities in fighting terrorist content,” says Alban Schmutz, CISPE Chairman and VP Strategic Development & Public Affairs, OVH. “The rules adopted today are designed for online content sharing services like social media and content sharing platforms that can access, monitor data and content made available by their end-users. Even if the automated proactive measures (Article 6) contemplated in the Regulation were to be developed in the future, they would require cloud infrastructure providers to proactively ‘snoop’ on all customers – imposing blanket scanning, filtering and data removal obligations”.

CISPE urges European legislators to clarify the scope of the Regulation to include rules that are clear, workable and proportionate, and do not put the entire cloud infrastructure sector in Europe at risk.

Brussels, 27/11/2018 – CISPE, the alliance of Cloud Infrastructure Services Providers in Europe, is raising major concerns about the scope of the European Commission’s proposed Regulation covering terrorist content online. CISPE believes the Regulation, which asks infrastructure providers to scan and monitor all enterprise data running across there services, is targeting the wrong players and is not technically possible.

 “CISPE and its members support the intention of the Regulation and already fully co-operate with judiciary authorities and court orders to fight terrorism content,” says Alban Schmutz, CISPE Chairman and VP Strategic Development & Public Affairs, OVH. “However, including cloud infrastructure providers in the legislation means the wrong players are being targeted.”

“Unlike social media platforms, video and other online content sharing services that have control down to the most granular piece of content made available on their platforms by their users – these are the primary targets of the Regulation – cloud infrastructure providers have no control or access to the data stored by their customers, or over how and when such data is made available to the public. For us, the Regulation is like asking a mechanic from the company that runs the motorway to repair any faulty car running through the motorway.”

Cloud Infrastructure Services Providers in Europe (CISPE) welcomes the opportunity to provide its views on the European Commission’s proposal for a Regulation on preventing the dissemination of terrorist content online (the “Regulation”).  CISPE fully supports the intention and ambitions of the Regulation. However, including cloud infrastructure providers in the scope means the wrong players are being targeted. Cloud infrastructure providers must be exempted from the Regulation. This needs to be clarified in the proposed law.

CISPE commits to creating the first ever Cloud Infrastructure Data Portability Code of Conduct after EU Regulation on free flow of data agreed

CISPE Press Release on the adoption of the Free Flow of Data Regulation

CISPE Response to the EBA consultation on Guidelines on outsourcing

CISPE Response to the Public consultation on Ecodesign requirements on enterprise servers and data storage products

Europe’s cloud infrastructure service providers ‘welcome GDPR and the protections it provides to cloud customers’

Every Day is Data Protection Day for cloud infrastructure service providers in Europe

European cloud infrastructure providers in Europe response to the public consultation on the draft Regulation proposal on a framework for the free flow of non-personal data in the EU.

European cloud infrastructure providers in Europe response to the public consultation on Article 29 Working Party draft guidelines on data breach notifications.

European cloud infrastructure providers in Europe response to the public consultation on improving cross-border access to electronic evidence in criminal matters.

European cloud infrastructure providers in Europe response to the public consultation on the draft Implementing Regulation on security and notification obligations for Digital Service.

European cloud infrastructure providers welcome the proposed Regulation on the ‘Free Flow of Data’ in the EU

Cloud Infrastructure Services Providers operating in Europe declare compliance with CISPE Data Protection Code of Conduct

Download : Press Release French FR – Press Release Italian IT – Press Release Nederland NL – Press Release Bulgarian BG

CISPE Code of Conduct

Brussels, 02/04/2019 – CISPE, the alliance of Cloud Infrastructure Services Providers in Europe, provided comments to the comments on the Guidelines 1/2019 on Codes of Conduct and Monitoring Bodies under Regulation 2016/679

The European Data Protection Board organised a public consultation for interested stakeholders to comments on the Guidelines 1/2019 on Codes of Conduct and Monitoring Bodies under Regulation 2016/679. CISPE used the opportunity and provided cloud infrastructure industry position, that could be found here.

Brussels, 06/12/2018 – CISPE, the alliance of Cloud Infrastructure Services Providers in Europe, describes the European Council’s proposal as “technically unworkable and targeting the wrong actors”. CISPE is urging the European Parliament to clarify the proposed rules and to make them fit for purpose and consistent with the GDPR privacy protections enacted barely six months ago.

The Regulation will obligate cloud infrastructure providers to proactively scan, filter and remove data, covering all enterprise and government data running across cloud infrastructure services. CISPE maintains this cannot be the intention of the legislator and so this needs to be clarified in the Regulation, which targets the wrong players. It is technically impossible for cloud infrastructure to deliver what is requested.

“CISPE companies already co-operate fully with the authorities in fighting terrorist content,” says Alban Schmutz, CISPE Chairman and VP Strategic Development & Public Affairs, OVH. “The rules adopted today are designed for online content sharing services like social media and content sharing platforms that can access, monitor data and content made available by their end-users. Even if the automated proactive measures (Article 6) contemplated in the Regulation were to be developed in the future, they would require cloud infrastructure providers to proactively ‘snoop’ on all customers – imposing blanket scanning, filtering and data removal obligations”.

CISPE urges European legislators to clarify the scope of the Regulation to include rules that are clear, workable and proportionate, and do not put the entire cloud infrastructure sector in Europe at risk.

Brussels, 27/11/2018 – CISPE, the alliance of Cloud Infrastructure Services Providers in Europe, is raising major concerns about the scope of the European Commission’s proposed Regulation covering terrorist content online. CISPE believes the Regulation, which asks infrastructure providers to scan and monitor all enterprise data running across there services, is targeting the wrong players and is not technically possible.

 “CISPE and its members support the intention of the Regulation and already fully co-operate with judiciary authorities and court orders to fight terrorism content,” says Alban Schmutz, CISPE Chairman and VP Strategic Development & Public Affairs, OVH. “However, including cloud infrastructure providers in the legislation means the wrong players are being targeted.”

“Unlike social media platforms, video and other online content sharing services that have control down to the most granular piece of content made available on their platforms by their users – these are the primary targets of the Regulation – cloud infrastructure providers have no control or access to the data stored by their customers, or over how and when such data is made available to the public. For us, the Regulation is like asking a mechanic from the company that runs the motorway to repair any faulty car running through the motorway.”

Cloud Infrastructure Services Providers in Europe (CISPE) welcomes the opportunity to provide its views on the European Commission’s proposal for a Regulation on preventing the dissemination of terrorist content online (the “Regulation”).  CISPE fully supports the intention and ambitions of the Regulation. However, including cloud infrastructure providers in the scope means the wrong players are being targeted. Cloud infrastructure providers must be exempted from the Regulation. This needs to be clarified in the proposed law.

CISPE commits to creating the first ever Cloud Infrastructure Data Portability Code of Conduct after EU Regulation on free flow of data agreed

CISPE Press Release on the adoption of the Free Flow of Data Regulation

CISPE Response to the EBA consultation on Guidelines on outsourcing

CISPE Response to the Public consultation on Ecodesign requirements on enterprise servers and data storage products

Europe’s cloud infrastructure service providers ‘welcome GDPR and the protections it provides to cloud customers’

Every Day is Data Protection Day for cloud infrastructure service providers in Europe

European cloud infrastructure providers in Europe response to the public consultation on the draft Regulation proposal on a framework for the free flow of non-personal data in the EU.

European cloud infrastructure providers in Europe response to the public consultation on Article 29 Working Party draft guidelines on data breach notifications.

European cloud infrastructure providers in Europe response to the public consultation on improving cross-border access to electronic evidence in criminal matters.

European cloud infrastructure providers in Europe response to the public consultation on the draft Implementing Regulation on security and notification obligations for Digital Service.

European cloud infrastructure providers welcome the proposed Regulation on the ‘Free Flow of Data’ in the EU

Cloud Infrastructure Services Providers operating in Europe declare compliance with CISPE Data Protection Code of Conduct

Download : Press Release French FR – Press Release Italian IT – Press Release Nederland NL – Press Release Bulgarian BG

CISPE Code of Conduct

Brussels, 02/04/2019 – CISPE, the alliance of Cloud Infrastructure Services Providers in Europe, provided comments to the comments on the Guidelines 1/2019 on Codes of Conduct and Monitoring Bodies under Regulation 2016/679

The European Data Protection Board organised a public consultation for interested stakeholders to comments on the Guidelines 1/2019 on Codes of Conduct and Monitoring Bodies under Regulation 2016/679. CISPE used the opportunity and provided cloud infrastructure industry position, that could be found here.

Brussels, 06/12/2018 – CISPE, the alliance of Cloud Infrastructure Services Providers in Europe, describes the European Council’s proposal as “technically unworkable and targeting the wrong actors”. CISPE is urging the European Parliament to clarify the proposed rules and to make them fit for purpose and consistent with the GDPR privacy protections enacted barely six months ago.

The Regulation will obligate cloud infrastructure providers to proactively scan, filter and remove data, covering all enterprise and government data running across cloud infrastructure services. CISPE maintains this cannot be the intention of the legislator and so this needs to be clarified in the Regulation, which targets the wrong players. It is technically impossible for cloud infrastructure to deliver what is requested.

“CISPE companies already co-operate fully with the authorities in fighting terrorist content,” says Alban Schmutz, CISPE Chairman and VP Strategic Development & Public Affairs, OVH. “The rules adopted today are designed for online content sharing services like social media and content sharing platforms that can access, monitor data and content made available by their end-users. Even if the automated proactive measures (Article 6) contemplated in the Regulation were to be developed in the future, they would require cloud infrastructure providers to proactively ‘snoop’ on all customers – imposing blanket scanning, filtering and data removal obligations”.

CISPE urges European legislators to clarify the scope of the Regulation to include rules that are clear, workable and proportionate, and do not put the entire cloud infrastructure sector in Europe at risk.

Brussels, 27/11/2018 – CISPE, the alliance of Cloud Infrastructure Services Providers in Europe, is raising major concerns about the scope of the European Commission’s proposed Regulation covering terrorist content online. CISPE believes the Regulation, which asks infrastructure providers to scan and monitor all enterprise data running across there services, is targeting the wrong players and is not technically possible.

 “CISPE and its members support the intention of the Regulation and already fully co-operate with judiciary authorities and court orders to fight terrorism content,” says Alban Schmutz, CISPE Chairman and VP Strategic Development & Public Affairs, OVH. “However, including cloud infrastructure providers in the legislation means the wrong players are being targeted.”

“Unlike social media platforms, video and other online content sharing services that have control down to the most granular piece of content made available on their platforms by their users – these are the primary targets of the Regulation – cloud infrastructure providers have no control or access to the data stored by their customers, or over how and when such data is made available to the public. For us, the Regulation is like asking a mechanic from the company that runs the motorway to repair any faulty car running through the motorway.”

Cloud Infrastructure Services Providers in Europe (CISPE) welcomes the opportunity to provide its views on the European Commission’s proposal for a Regulation on preventing the dissemination of terrorist content online (the “Regulation”).  CISPE fully supports the intention and ambitions of the Regulation. However, including cloud infrastructure providers in the scope means the wrong players are being targeted. Cloud infrastructure providers must be exempted from the Regulation. This needs to be clarified in the proposed law.

CISPE commits to creating the first ever Cloud Infrastructure Data Portability Code of Conduct after EU Regulation on free flow of data agreed

CISPE Press Release on the adoption of the Free Flow of Data Regulation

CISPE Response to the EBA consultation on Guidelines on outsourcing

CISPE Response to the Public consultation on Ecodesign requirements on enterprise servers and data storage products

Europe’s cloud infrastructure service providers ‘welcome GDPR and the protections it provides to cloud customers’

Every Day is Data Protection Day for cloud infrastructure service providers in Europe

European cloud infrastructure providers in Europe response to the public consultation on the draft Regulation proposal on a framework for the free flow of non-personal data in the EU.

European cloud infrastructure providers in Europe response to the public consultation on Article 29 Working Party draft guidelines on data breach notifications.

European cloud infrastructure providers in Europe response to the public consultation on improving cross-border access to electronic evidence in criminal matters.

European cloud infrastructure providers in Europe response to the public consultation on the draft Implementing Regulation on security and notification obligations for Digital Service.

European cloud infrastructure providers welcome the proposed Regulation on the ‘Free Flow of Data’ in the EU

Cloud Infrastructure Services Providers operating in Europe declare compliance with CISPE Data Protection Code of Conduct

Download : Press Release French FR – Press Release Italian IT – Press Release Nederland NL – Press Release Bulgarian BG

CISPE Code of Conduct

Brussels, 02/04/2019 – CISPE, the alliance of Cloud Infrastructure Services Providers in Europe, provided comments to the comments on the Guidelines 1/2019 on Codes of Conduct and Monitoring Bodies under Regulation 2016/679

The European Data Protection Board organised a public consultation for interested stakeholders to comments on the Guidelines 1/2019 on Codes of Conduct and Monitoring Bodies under Regulation 2016/679. CISPE used the opportunity and provided cloud infrastructure industry position, that could be found here.

Brussels, 06/12/2018 – CISPE, the alliance of Cloud Infrastructure Services Providers in Europe, describes the European Council’s proposal as “technically unworkable and targeting the wrong actors”. CISPE is urging the European Parliament to clarify the proposed rules and to make them fit for purpose and consistent with the GDPR privacy protections enacted barely six months ago.

The Regulation will obligate cloud infrastructure providers to proactively scan, filter and remove data, covering all enterprise and government data running across cloud infrastructure services. CISPE maintains this cannot be the intention of the legislator and so this needs to be clarified in the Regulation, which targets the wrong players. It is technically impossible for cloud infrastructure to deliver what is requested.

“CISPE companies already co-operate fully with the authorities in fighting terrorist content,” says Alban Schmutz, CISPE Chairman and VP Strategic Development & Public Affairs, OVH. “The rules adopted today are designed for online content sharing services like social media and content sharing platforms that can access, monitor data and content made available by their end-users. Even if the automated proactive measures (Article 6) contemplated in the Regulation were to be developed in the future, they would require cloud infrastructure providers to proactively ‘snoop’ on all customers – imposing blanket scanning, filtering and data removal obligations”.

CISPE urges European legislators to clarify the scope of the Regulation to include rules that are clear, workable and proportionate, and do not put the entire cloud infrastructure sector in Europe at risk.

Brussels, 27/11/2018 – CISPE, the alliance of Cloud Infrastructure Services Providers in Europe, is raising major concerns about the scope of the European Commission’s proposed Regulation covering terrorist content online. CISPE believes the Regulation, which asks infrastructure providers to scan and monitor all enterprise data running across there services, is targeting the wrong players and is not technically possible.

 “CISPE and its members support the intention of the Regulation and already fully co-operate with judiciary authorities and court orders to fight terrorism content,” says Alban Schmutz, CISPE Chairman and VP Strategic Development & Public Affairs, OVH. “However, including cloud infrastructure providers in the legislation means the wrong players are being targeted.”

“Unlike social media platforms, video and other online content sharing services that have control down to the most granular piece of content made available on their platforms by their users – these are the primary targets of the Regulation – cloud infrastructure providers have no control or access to the data stored by their customers, or over how and when such data is made available to the public. For us, the Regulation is like asking a mechanic from the company that runs the motorway to repair any faulty car running through the motorway.”

Cloud Infrastructure Services Providers in Europe (CISPE) welcomes the opportunity to provide its views on the European Commission’s proposal for a Regulation on preventing the dissemination of terrorist content online (the “Regulation”).  CISPE fully supports the intention and ambitions of the Regulation. However, including cloud infrastructure providers in the scope means the wrong players are being targeted. Cloud infrastructure providers must be exempted from the Regulation. This needs to be clarified in the proposed law.

CISPE commits to creating the first ever Cloud Infrastructure Data Portability Code of Conduct after EU Regulation on free flow of data agreed

CISPE Press Release on the adoption of the Free Flow of Data Regulation

CISPE Response to the EBA consultation on Guidelines on outsourcing

CISPE Response to the Public consultation on Ecodesign requirements on enterprise servers and data storage products

Europe’s cloud infrastructure service providers ‘welcome GDPR and the protections it provides to cloud customers’

Every Day is Data Protection Day for cloud infrastructure service providers in Europe

European cloud infrastructure providers in Europe response to the public consultation on the draft Regulation proposal on a framework for the free flow of non-personal data in the EU.

European cloud infrastructure providers in Europe response to the public consultation on Article 29 Working Party draft guidelines on data breach notifications.

European cloud infrastructure providers in Europe response to the public consultation on improving cross-border access to electronic evidence in criminal matters.

European cloud infrastructure providers in Europe response to the public consultation on the draft Implementing Regulation on security and notification obligations for Digital Service.

European cloud infrastructure providers welcome the proposed Regulation on the ‘Free Flow of Data’ in the EU

Cloud Infrastructure Services Providers operating in Europe declare compliance with CISPE Data Protection Code of Conduct

Download : Press Release French FR – Press Release Italian IT – Press Release Nederland NL – Press Release Bulgarian BG

CISPE Code of Conduct

Brussels, 02/04/2019 – CISPE, the alliance of Cloud Infrastructure Services Providers in Europe, provided comments to the comments on the Guidelines 1/2019 on Codes of Conduct and Monitoring Bodies under Regulation 2016/679

The European Data Protection Board organised a public consultation for interested stakeholders to comments on the Guidelines 1/2019 on Codes of Conduct and Monitoring Bodies under Regulation 2016/679. CISPE used the opportunity and provided cloud infrastructure industry position, that could be found here.

Brussels, 06/12/2018 – CISPE, the alliance of Cloud Infrastructure Services Providers in Europe, describes the European Council’s proposal as “technically unworkable and targeting the wrong actors”. CISPE is urging the European Parliament to clarify the proposed rules and to make them fit for purpose and consistent with the GDPR privacy protections enacted barely six months ago.

The Regulation will obligate cloud infrastructure providers to proactively scan, filter and remove data, covering all enterprise and government data running across cloud infrastructure services. CISPE maintains this cannot be the intention of the legislator and so this needs to be clarified in the Regulation, which targets the wrong players. It is technically impossible for cloud infrastructure to deliver what is requested.

“CISPE companies already co-operate fully with the authorities in fighting terrorist content,” says Alban Schmutz, CISPE Chairman and VP Strategic Development & Public Affairs, OVH. “The rules adopted today are designed for online content sharing services like social media and content sharing platforms that can access, monitor data and content made available by their end-users. Even if the automated proactive measures (Article 6) contemplated in the Regulation were to be developed in the future, they would require cloud infrastructure providers to proactively ‘snoop’ on all customers – imposing blanket scanning, filtering and data removal obligations”.

CISPE urges European legislators to clarify the scope of the Regulation to include rules that are clear, workable and proportionate, and do not put the entire cloud infrastructure sector in Europe at risk.

Brussels, 27/11/2018 – CISPE, the alliance of Cloud Infrastructure Services Providers in Europe, is raising major concerns about the scope of the European Commission’s proposed Regulation covering terrorist content online. CISPE believes the Regulation, which asks infrastructure providers to scan and monitor all enterprise data running across there services, is targeting the wrong players and is not technically possible.

 “CISPE and its members support the intention of the Regulation and already fully co-operate with judiciary authorities and court orders to fight terrorism content,” says Alban Schmutz, CISPE Chairman and VP Strategic Development & Public Affairs, OVH. “However, including cloud infrastructure providers in the legislation means the wrong players are being targeted.”

“Unlike social media platforms, video and other online content sharing services that have control down to the most granular piece of content made available on their platforms by their users – these are the primary targets of the Regulation – cloud infrastructure providers have no control or access to the data stored by their customers, or over how and when such data is made available to the public. For us, the Regulation is like asking a mechanic from the company that runs the motorway to repair any faulty car running through the motorway.”

Cloud Infrastructure Services Providers in Europe (CISPE) welcomes the opportunity to provide its views on the European Commission’s proposal for a Regulation on preventing the dissemination of terrorist content online (the “Regulation”).  CISPE fully supports the intention and ambitions of the Regulation. However, including cloud infrastructure providers in the scope means the wrong players are being targeted. Cloud infrastructure providers must be exempted from the Regulation. This needs to be clarified in the proposed law.

CISPE commits to creating the first ever Cloud Infrastructure Data Portability Code of Conduct after EU Regulation on free flow of data agreed

CISPE Press Release on the adoption of the Free Flow of Data Regulation

CISPE Response to the EBA consultation on Guidelines on outsourcing

CISPE Response to the Public consultation on Ecodesign requirements on enterprise servers and data storage products

Europe’s cloud infrastructure service providers ‘welcome GDPR and the protections it provides to cloud customers’

Every Day is Data Protection Day for cloud infrastructure service providers in Europe

European cloud infrastructure providers in Europe response to the public consultation on the draft Regulation proposal on a framework for the free flow of non-personal data in the EU.

European cloud infrastructure providers in Europe response to the public consultation on Article 29 Working Party draft guidelines on data breach notifications.

European cloud infrastructure providers in Europe response to the public consultation on improving cross-border access to electronic evidence in criminal matters.

European cloud infrastructure providers in Europe response to the public consultation on the draft Implementing Regulation on security and notification obligations for Digital Service.

European cloud infrastructure providers welcome the proposed Regulation on the ‘Free Flow of Data’ in the EU

Cloud Infrastructure Services Providers operating in Europe declare compliance with CISPE Data Protection Code of Conduct

Download : Press Release French FR – Press Release Italian IT – Press Release Nederland NL – Press Release Bulgarian BG

CISPE Code of Conduct