The BE DPA approves its first European code of conduct
The Belgian Data Protection Authority has approved today the first transnational code of conduct to be adopted within the European Union since the entry into force of the GDPR. The EU Cloud CoC aims to establish good data protection practices for cloud service providers and will contribute to a better protection of personal data processed in the cloud in Europe.
The EU Cloud CoC, a European code of conduct for cloud services
On May 19th the European Data Protection Board issued a favorable opinion, allowing the Belgian Data Protection Authority to approve today its first transnational code of conduct. In parallel to the approval of the code of conduct, the Belgian Data Protection Authority has also accredited SCOPE Europe as the monitoring body for the EU Cloud CoC. This monitoring body will ensure that code members abide by the provisions of the EU Cloud CoC. Therefore the EU Cloud CoC will be operational from this day on.
The EU Cloud CoC concretizes requirements of Art. 28 GDPR (concerning the processor) – and other relevant related Articles of the GDPR – for practical implementation within the cloud market (including IaaS, PaaS, SaaS). Adherence to the EU Cloud CoC is also achievable for SMEs that are active in this sector. Through the approval of this code the Belgian Data Protection Authority contributes to a harmonized interpretation of GDPR provisions in the cloud sector across the European Union.
David Stevens, Chairman of the Belgian Data Protection Authority, said:
“The approval of the EU Cloud CoC was achieved through narrow collaboration within the European Data Protection Board and is an important step towards a harmonised interpretation and application of the GDPR in a crucial sector for the digital economy.I hope that this first experience in approving a European code of conduct will mark the beginning of the development of more European codes of conduct to foster compliance for companies, harmonisation for sectoral organizations and transparency for data subjects”
Codes of conduct : an essential instrument of the GDPR
The BE DPA commits to remain at the forefront of the development of national and transnational codes of conduct and will keep encouraging the development of codes of conduct. This instrument provided by the GDPR puts in place good compliance practices at a sectoral level, and is therefore beneficial to data controllers and/or processors and data subjects.
David Stevens, Chairman of the Belgian Data Protection Authority: “Not only are codes of conduct an efficient way to ensure the effective implementation of the GDPR in a specific sector, they also help build confidence between the sector and the data subjects. We hope to see more initiatives to create codes of conducts, especially for sectors that regularly collect and process sensitive data or large amounts of personal data.”