This post contains suplementary information to Thomas Helbing's presentation "Data Protection Law Requirements to Cloud Computing Agreements in the European Union" of 24 March 2010 at the CloudSlam 2010 Conference.
You can download the slides here (PDF - 1,26 MB)
To get access to the full video of the presentation please contact me.
The presentation gives an overview over the requirements of the EU Data Protection Directive for cloud computing services with examples from national laws, in particular Germany. No legal background knowledge is required.
Links:
Slide 1a "EU Data Protection Directive - Introduction"
Slide 1d "EU Data Protection Directive - Contoller / Processor"
Article 29 Working Party - Opinion 1/2010 on the concepts of "controller" and "processor"
Slide 2a "Contracts and Security Measures - Security Measures"
German Federal Data Protection Act - Bundesdatenschutzgesetz, BDSG - Inoffical English Translation
Slide 3b "Data Export to Third Countries - Standard Contractual Clauses"
Slide 3d "Data Export to Third Countries - Safe Harbor"
US Department of Commerce Website on Safe Harbor
Slide 3e "Data Export to Third Countries - Binding Corporate Rules"
- WP 155: Working Document on Frequently Asked Questions (FAQs) related to Binding Corporate Rules
- WP 154: Working Document Setting up a framework for the structure of Binding Corporate Rules
- WP 153: Working Document setting up a table with the elements and principles to be found in Binding Corporate Rules
- WP 133: Recommendation 1/2007 on the Standard Application for Approval of Binding Corporate Rules for the Transfer of Personal Data - WORD FILE
- WP 108: Working Document Establishing a Model Checklist Application for Approval of Binding Corporate Rules
- WP 107: Working Document Setting Forth a Co-Operation Procedure for Issuing Common Opinions on Adequate Safeguards Resulting From "Binding Corporate Rules"
Kommentieren