CPC Press release – 21st November 2016: Data Protection Law Made Easy
Lawyers from 32 countries have created the Cloud Privacy Check (CPC), the largest European information platform explaining data protection laws in the simplest possible terms and free of charge. The CPC makes 32 different national regulations directly comparable and allows companies to save thousands of Euros.
Understanding the complexity of current European data protection laws and regulations is already difficult enough for an IT engineer, buyer, or business user. In combination with the often small but nevertheless significant differences between various EU member states, however, it can become an almost insurmountable challenge without proper juristic accompaniment from the very start.
Irvette Tempelman says: “Unfortunately, here in Europe it is not only our many different languages that make things difficult for us: Cloud service providers and users alike are faced with major obstacles in regard to data protection, causing us to suffer massive and unacceptable competitive disadvantages in comparison with, for example, the USA.”
A vastly simplified approach has now been presented by Dr Tobias Höllwarth (EuroCloud) to-gether with Irvette Tempelman (Cordemeyer & Slager Advocaten B.V.) and more than 40 legal from all over Europe. The website cloudprivacycheck.eu hosts the Cloud Privacy Check (CPC), a visual-design infographic explaining the principles of data protection regulations in 26 languages, allowing information seekers to quickly determine key aspects.
The Cloud Privacy Check (CPC) is intended to simplify certain decisions and processes for most affected persons. Additionally, the Data Protection Compliance database provides highly relevant legal information for 32 countries that can easily be compared with each other.
Tobias Höllwarth (EuroCloud) says: “This is a European project. With the CPC portal, we have created the largest European information platform explaining data protection laws in the simplest possible terms and free of charge, making 32 different national regulations directly comparable. This allows companies to save thousands of Euros.”
Dr. Tobias Höllwarth
+43 664 4060900
Mr mrs. Irvette M. Tempelman
Cordemeyer & Slager Advocaten B.V.
+31 23 534 01 00
Question: What is the added value of the Cloud Privacy Checks?
Irvette Tempelman: The Cloud Privacy Check provides cloud service customers with an initial overview of how to proceed. While the CPC cannot replace detailed examination together with a legal specialist, it lays out the fundamental legal framework, thereby saving time and costs for legal consultation.
Question: What does the first step of evaluation under the CPC look like, for example?
Irvette Tempelman: In the first step of the CPC, we determine whether the examined service actually deals with personal data. If the answer is yes, the second step of the Cloud Privacy Check is performed. In this step, we check whether a third party processes or has access to personal data. This depends on the technical arrangement of the service, and a so-called transition point can be defined.
Question: Are there differences between national regulations?
Irvette Tempelman: There are certain differences and peculiarities in almost every country, and being aware of them is precisely the point of our service. That is why we created the Data Privacy Compliance Reports, country reports that all share a common structure and juristic language. The small but significant differences I have mentioned are marked in orange in these documents.
Question: How do you plan to proceed with this approach?
Irvette Tempelman: We have now established an international network of legal offices in more than 30 countries, and the CPC is available in 26 languages at no cost. Our information portal is designed to help people understand and apply data protection laws easily and quickly and to compare them between countries. We want the CPC portal to become the most important source of information on data protection issues. We will integrate the new European Data Protection Regulation, answer the most common questions asked by companies, and continue to inform about the most important topics comprehensibly and free of charge.
Question: Is the CPC suitable also for larger customers with own legal departments?
Irvette Tempelman: Yes. It should be noted, though, that the use of the CPC should be well coordinated with the internal legal department. It should not be forgotten that the CPC cannot replace a full legal assessment. Performing such analysis is in the responsibility of the internal legal department. They usually best know the challenges faced by their company. If the CPC is discussed early with the internal legal department it can, however, help to find a common language for data protection issues within the company.