Miliners Abogados y Asesores Tributarios
DATA PROTECTION LAW MADE EASY
Lawyers from 32 countries have created the Cloud Privacy Check (CPC), the largest European information platform explaining data protection laws in the simplest possible terms and free of charge. The CPC makes 32 different national regulations directly comparable and allows companies to save thousands of Euros.
Understanding the complexity of current European data protection laws and regulations is already difficult enough for an IT engineer, buyer, or business user. In combination with the often small but nevertheless significant differences between various EU member states, however, it can become an almost insurmountable challenge without proper juristic accompaniment from the very start.
Belén Arribas says: “Unfortunately, here in Europe it is not only our many different languages that make things difficult for us: Cloud service providers and users alike are faced with major obstacles in regard to data protection, causing us to suffer massive and unacceptable competitive disadvantages in comparison with, for example, the USA.”
A vastly simplified approach has now been presented by Dr Tobias Höllwarth (EuroCloud) together with Belén Arribas (Miliners Abogados y Asesores Tributarios) and more than 40 legal entities from all over Europe. The website cloudprivacycheck.eu hosts the Cloud Privacy Check (CPC), a visual-design info graphic explaining the principles of data protection regulations in 26 languages, allowing information seekers to quickly determine key aspects.
The Cloud Privacy Check (CPC) is intended to simplify certain decisions and processes for most affected persons. Additionally, the Data Protection Compliance database provides highly relevant legal information for 32 countries that can easily be compared with each other.
Tobias Höllwarth (EuroCloud) says: “This is a European project. With the CPC portal, we have created the largest European information platform explaining data protection laws in the simplest possible terms and free of charge, making 32 different national regulations directly comparable. This allows companies to save thousands of Euros.”
Dr. Tobias Höllwarth Belén Arribas
EuroCloud Austria Miliners Abogatos y Asesores Tributarios
Question: What is the added value of the Cloud Privacy Checks?
Belén Arribas: The Cloud Privacy Check provides cloud service customers with an initial overview of how to proceed. While the CPC cannot replace detailed examination together with a legal specialist, it lays out the fundamental legal framework, thereby saving time and costs for legal consultation.
Question: What does the first step of evaluation under the CPC look like, for example?
Belén Arribas: In the first step of the CPC, we determine whether the examined service actually deals with personal data. If the answer is yes, the second step of the Cloud Privacy Check is performed. In this step, we check whether a third party processes or has access to personal data. This depends on the technical arrangement of the service, and a so-called transition point can be defined.
Question: Are there differences between national regulations?
Belén Arribas: There are certain differences and peculiarities in almost every country, and being aware of them is precisely the point of our service. That is why we created the Data Privacy Compliance Reports, country reports that all share a common structure and juristic language. The small but significant differences I have mentioned are marked in orange in these documents.
Question: How do you plan to proceed with this approach?
Belén Arribas: We have now established an international network of legal offices in more than 30 countries, and the CPC is available in 26 languages at no cost. Our information portal is designed to help people understand and apply data protection laws easily and quickly and to compare them between countries. We want the CPC portal to become the most important source of information on data protection issues. We will integrate the new European Data Protection Regulation, answer the most common questions asked by companies, and continue to inform about the most important topics comprehensibly and free of charge.
Question: Is the CPC suitable also for larger customers with own legal departments?
Yes. It should be noted, though, that the use of the CPC should be well coordinated with the internal legal department. It should not be forgotten that the CPC cannot replace a full legal assessment. Performing such analysis is in the responsibility of the internal legal department. They usually best know the challenges faced by their company. If the CPC is discussed early with the internal legal department it can, however, help to find a common language for data protection issues within the company.