MITLA participates in the Cloud Privacy Check (CPC) Project
Lawyers from 32 countries have created the Cloud Privacy Check (CPC), the largest European information platform explaining data protection laws in the simplest possible terms and free of charge. The CPC makes national regulations directly comparable and easily accessible.
Understanding the complexity of current European data protection laws and regulations is already difficult enough for an IT engineer, buyer, or business user. Due to the often small, yet nevertheless significant, differences between various EU member states, comprehending the legal structures can be an almost insurmountable challenge.
Dr. Gege Gatt, Vice President of the Malta IT Law Association (MITLA), represented MITLA at the launch of the CPC project in Vienna. He stated: “Privacy is not merely a business-priority, it is a societal challenge which requires adaptive technical and legal know-how. The CPC tools offers the first level of information to make citizens and business-users more aware of the operative legislative provisions in Europe”.
Language is often a barrier. However it isn’t only the many different languages that make the interpretation of European privacy laws difficult. Cloud service providers and users alike are faced with major obstacles with regards to data protection law variants, causing European nations to suffer massive competitive disadvantages in comparison with, for example, the USA. This is itself a barrier to business.
The CPC project provides a vastly simplified approach. MITLA has collaborated with the CPC Project Leader, Dr Tobias Höllwarth (EuroCloud) and more than 40 legal professionals from all over Europe to produce this tool. The website cloudprivacycheck.eu hosts the Cloud Privacy Check (CPC) tool, a visual infographic explaining the principles of data protection regulations in 26 languages, allowing information seekers to quickly understand key aspects of privacy law. Additionally, the Data Protection Compliance database provides highly relevant legal information for 32 countries that can easily be compared with each other.
Tobias Höllwarth (EuroCloud), founder of this project says: “This is a European project. With the CPC portal, we have created the largest European information platform explaining data protection laws in the simplest possible terms and free of charge, making 32 different national regulations directly comparable.”
Commenting on the project, Dr. Gege Gatt stated: “The Malta IT Law Association is dedicated to advancement and development of information technology law. It actively researches and discusses developments taking place on the international plane and the present pan-European data protection laws have been an area of constant scrutiny. The CPC project has presented a managed resource of knowledge on the various subtleties of law as applied within the European Union. The data within the CPC is an excellent visual summary of key action items relevant to data protection compliance within a cloud environment and will be of great use to researches and business owners acting over multiple jurisdictions”.
A question and answer on the CPC tool follows hereunder:
Question: What is the added value of the Cloud Privacy Check?
Answer: The Cloud Privacy Check tool provides cloud service customers with an initial overview of how to act. While the CPC cannot replace legal advisory services, it lays out the fundamental legal framework, thereby providing an initial source of information.
Question: What does the first step of evaluation under the CPC look like?
Answer: In the first step of the CPC, we determine whether the cloud service examined actually deals with personal data. If the answer is in the affirmative, the second step of the Cloud Privacy Check is performed. In this step, we check whether a third party processes (or has access) to personal data. This depends on the technical arrangement of the service, and a so-called transition point can be defined.
Question: Are there differences between national regulations?
Answer: Yes. There are certain differences and peculiarities in almost every country, and being aware of them is precisely the point of this project. We created the ‘Data Privacy Compliance Reports’ which are country reports that share a common structure and juristic language. The small but significant differences mentioned are marked and colour-coded in these documents.
Question: Will the project be updated going forward?
Answer: We have established an international network of legal offices in more than 30 countries, and the CPC is available in 26 languages at no cost. Our information portal is designed to help people understand and apply data protection laws easily and quickly and to compare them between countries. We want the CPC portal to become the most relevant source of information on data protection issues. We will integrate the new European Data Protection Regulation, answer the most common questions asked by companies, and continue to inform about the most important topics comprehensibly and free of charge