GDPR and CLOUD Act: possible approaches for assurance and compliance

Presenter(s): Daniele Catteddu (CSA)

The invalidation of the Privacy Shield alongside the approval from the US government of the CLOUD Act has created several concerns within the cloud market. European cloud users are unclear on what risks they face when using the leading cloud services providers. Is there a compliance risk vis-a-vis the GDPR, risks for the confidentiality of their data, or risks for their reputation? In this presentation, Daniele Catteddu, Chief Technology Officer at the Cloud Security Alliance (CSA), provides an overview of the problem at stake and proposes possible compliance and technical solutions.