CISPE

CISPE (Cloud Infrastructure Services Providers in Europe) is a trade association gathering infrastructure as a service (IaaS) cloud providers to express their views at a European scale. CISPE is a non-profit organisation registered in Belgium and declared to the European Union Transparency Register. The association has been started since some IaaS players had some difficulties to make their business model understood by policymakers.[1]

The association aims to advocate for an EU-wide cloud-first public procurement policy, and engage for a European Digital Single Market including the promotion of high-level security and data protection rules/standards as well as avoiding vendor lock-in.

Although the association was formally registered in the early 2017, it has been operating since 2015.[2]

In June 2020 the association becomes one the 22 founding members[3] of GAIA-X announced by German and French Ministers of Economic Affairs Peter Altmaier & Bruno Le Maire. CISPE joined forces with European cloud users and providers like BMW, EDF, Safran, Atos, Siemens, Bosch, OVHcloud, Deutsche Telekom...

The CISPE Data Protection Code of Conduct

In order to help IAAS providers and their customers to comply with the EU General Data Protection Regulation (GDPR), which entered into force from 25 May 2018, CISPE released the CISPE Data Protection Code of Conduct. On the top of the required compliance to meet with the GDPR, the code also ensures that IaaS customers may choose to have their data located and processed exclusively in Europe, and that the supplier will not re-use customer's data.[4]

The compliance has to be declared by CISPs/IaaS providers service by service.[5]

The CISPE Code of Conduct has been launched 27 September 2016 at the European Parliament,[1][6] and the first thirty services has been declared by first CISPs/IaaS providers 14 February 2017[7]

Announcements received a very large press coverage across Europe, including: Le Monde,[1] InfoDSI,[8] El Pais, La Repubblica,[9] Silicon,[10][11][12] Cloud Magazine, Computer Sweden,[13] Tom's Hardware,[14] L'informaticien,[15][16] Global Security Mag,[17] EU Observer, Politico, Computer Weekly,[18] IAPP,[7] Il corriere della Sicurezza,[19] LeMagIT,[20] Bloomberg Television,[21] ITR Manager,[22] Heise.de,[23] COR.COM,[24] ZDNet,[25][26] ElEconomista.es, IT Channel,[27] EuropaPress,[28][29] 01net,[30] The Register,[31] CIO Dive[32] and many others.

Reversibility IaaS Code of Conduct

In order to anticipate of the Free Flow of non-personal Data Regulation (FFoD) that was published end 2018, the European Commission started the SWIPO (Switching and Porting) Working Groups to develop 2 codes of conduct[33] for Data Portability on the Cloud market (one for Infrastructure as a Service, another for Software as a Service. These codes should have been developed to specifically answer the regulation requirement of its Article 6 - Data Porting. CISPE, together with EuroCIO (the association of European CIOs) have been tasked by the European Commission[34] to co-chair the SWIPO IaaS Working Group. The SWIPO IaaS code[35] has been handed over to the European Commission in November 2019 during High-Level Conference on Data Economy of the EU Finish Presidency[36][37].

Members and supporting organizations

Members and supportive organizations manage operations in more than 15 European countries including France, Germany, Italy, Ireland, UK, Finland, Sweden, the Netherlands, Spain, Bulgaria, Poland, and Switzerland.

Corporate members of CISPE, or organisations supporting the Code of Conduct, include: Arsys, Art of Automation, Aruba S.p.A., AWS, BIT, Dada, Daticum, Dominion, Enter, Fasthosts, FjordIT, Gigas, Hetzner Online, Home, Host Europe Group, IDS, Ikoula, LeaseWeb, Lomaco, Netalia, Netcetera, Outscale, OVH, Seeweb, Serverplan, SolidHost, UpCloud, VTX, XXL Webhosting, 1&1 Internet.[38]

Organization

CISPE is a non-profit association under Belgian law. The General Assembly elects a board of less than ten of its members.

The composition of the board of directors should at any time take into account composition rules: a majority of the board should be composed with European Headquartered companies; a majority of the board should be composed by small and mid caps (< €1 billion turnover) and represent at least three different EU countries (considering worldwide HQ location). The first chairman of the board is Alban Schmutz.[39]

The general secretary is named by the board. The first general secretary is Francisco Mingorance [39]

The Board also names Code of Conduct Task Force (CISPE CCTF) who is in charge to working out the evolution and improvements of the CISPE Data Protection Code of Conduct.[40]

The organization is open to any member operating at least one IaaS service in one European country, and engaging to declare at least one service under the CISPE Code of Conduct within six months.[41]

References
  1. Fagot, Vincent (27 September 2016). "Protection des données : les hébergeurs européens à l'offensive". Le Monde. Retrieved 28 July 2017.
  2. "Cloud Infrastructure Services Providers in Europe - Transparency Register". Ec.europa.eu. Retrieved 28 July 2017.
  3. "Germany, France launch Gaia-X platform in bid for 'tech sovereignty'". POLITICO. 4 June 2020. Retrieved 5 July 2020.
  4. Gutwirth, Serge; Leenes, Ronald; Hert, Paul De; Poullet, Yves (22 February 2012). European Data Protection: In Good Health?. Springer Science & Business Media. ISBN 978-94-007-2903-2.
  5. "Public Register - Current list of services declared under the CISPE Code Of Conduct". Cispe.cloud. Retrieved 28 July 2017.
  6. "Europäische Cloud-Infrastruktur-Anbieter veröffentlichen Verhaltenskodex". Cloudcomputing-insider.de. Retrieved 28 July 2017.
  7. "CISPE announces 30 services comply with its code of conduct". Iapp.org. Retrieved 28 July 2017.
  8. "Un code de conduite pour les fournisseurs d'IaaS". Infodsi.com. Retrieved 28 July 2017.
  9. "Cloud, nuovo codice di condotta europeo: ecco cosa cambia". Repubblica.it. 28 September 2016. Retrieved 28 July 2017.
  10. "CISPE Kodex: Europas Cloud-Anbieter positionieren sich zum Datenschutz - silicon.de". Silicon.de. 29 September 2016. Retrieved 28 July 2017.
  11. "CISPE, lobby européen du Cloud, publie un code de conduite data". Silicon.fr. 28 September 2016. Retrieved 28 July 2017.
  12. "AWS Touts CISPE Membership To Help Its Cloud Services Meet EU GDPR". Silicon.co.uk. 14 February 2017. Retrieved 28 July 2017.
  13. "Ny organisation ska ge garantier för GDPR i molnet – Amazon är med". Computersweden.idg.se. Retrieved 28 July 2017.
  14. "Con CISPE un codice di condotta per il Cloud". Tomshw.it. Retrieved 28 July 2017.
  15. "CISPE : un code de conduite pour la protection des données en Europe". Linformaticien.com. Retrieved 28 July 2017.
  16. "Archived copy". Archived from the original on 4 July 2017. Retrieved 15 May 2017.CS1 maint: archived copy as title (link)
  17. "Certification de la protection des données : des fournisseurs d'infrastructures cloud opérant en Europe déclarent leur conformité au code de conduite relatif à la protection des données". Global Security Mag Online. Retrieved 28 July 2017.
  18. "AWS preps GDPR readiness by signing up to cloud Code of Conduct". Computerweekly.com. Retrieved 28 July 2017.
  19. "Dada aderisce al Codice di condotta sulla protezione dati del CISPE - Il corriere della sicurezza". Ilcorrieredellasicurezza.it. Retrieved 28 July 2017.
  20. "Les fournisseurs de services Cloud anticipent le RGPD". Lemagit.fr. Retrieved 28 July 2017.
  21. "Колко голяма е заплахата пред сигурността на данните в облака". Bloombergtv.bg. Retrieved 28 July 2017.
  22. "CISPE anticipe le RGPD et fournit une "marque de conformité"". Itrmanager.com. Retrieved 28 July 2017.
  23. "Datenspeicherung in Europa soll Cloud-Kontrolle verbessern". Heise.de. Retrieved 28 July 2017.
  24. "Cloud, nasce il primo codice di condotta: "I dati dei clienti non si toccano"". Corrierecomunicazioni.it. Retrieved 28 July 2017.
  25. "RGPD : Les fournisseurs cloud prennent de l'avance". Zdnet.fr. Retrieved 28 July 2017.
  26. "Una grande alleanza cloud europea: via al Cispe". Corrierecomunicazioni.it. Retrieved 28 July 2017.
  27. "Un code de conduite pour les fournisseurs d'IaaS". Itchannel.info. Retrieved 28 July 2017.
  28. "Aprobado el código de conducta en aplicación del Reglamento de Protección de Datos de la UE". Europapress.es. 27 September 2016. Retrieved 28 July 2017.
  29. "Gigas garantiza la total privacidad de los datos en la nube". Europapress.es. 15 February 2017. Retrieved 28 July 2017.
  30. Maria Teresa Della Mura (15 February 2017). "Cispe: ecco chi aderisce alla coalizione". 01net.it. Retrieved 28 July 2017.
  31. "Cloud industry body sets up new data protection code". Theregister.co.uk. Retrieved 28 July 2017.
  32. "Data Protection Certification: Cloud Infrastructure Services Providers operating in Europe declare compliance with CISPE Data Protection Code of Conduct". Ciodive.com. Archived from the original on 28 July 2017. Retrieved 28 July 2017.
  33. Anonymous (16 April 2018). "Cloud stakeholder working groups start their work on cloud switching and cloud security certification". Shaping Europe’s digital future - European Commission. Retrieved 5 July 2020.
  34. Anonymous (16 April 2018). "Cloud stakeholder working groups start their work on cloud switching and cloud security certification". Shaping Europe’s digital future - European Commission. Retrieved 5 July 2020.
  35. "High-level Conference on Data Economy". Valtioneuvosto. Retrieved 5 July 2020.
  36. "YouTube". www.youtube.com. Retrieved 5 July 2020.
  37. https://api.hankeikkuna.fi/asiakirjat/2d0f4123-e651-4874-960d-5cc3fac319b6/3b0ad494-bb45-419b-8853-786754d1b287/LIITE_20191009135505.pdf
  38. "Implications of the Code of Conduct for Cloud Infrastructure Service Providers in Europe". Idc.com. Archived from the original on 28 July 2017. Retrieved 28 July 2017.
  39. "Board of Directors - CISPE - The Voice of Cloud Infrastructures Providers in Europe". Cispe.cloud. Retrieved 28 July 2017.
  40. "CCTF - CISPE - The Voice of Cloud Infrastructures Providers in Europe". Cispe.cloud. Retrieved 28 July 2017.
  41. "Become CISPE Member". Cispe.cloud. Retrieved 8 June 2020.
This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.