March 26, 2019 |4 min read
Political experts predict a no-deal Brexit, which would mean that the UK exits the EU without any agreement on the future relationship between the EU and the UK. Coverage by media on this topic, like this recent article by Forbes, has caused stress for Cloud Service Providers (CSP) and users, who are now worrying about how their customers in the UK can access cloud services and data based in the EEA (European Economic Area).
What are cloud users worried about ?
As experts foresee a no-deal Brexit, the following questions are worth asking:
Does a no-deal Brexit mean that the GDPR (General Data Protection Regulation) will no longer apply to the UK ?
My CSP has a server in the EU. Will I still be able to access it here in the UK?
My CSP has a server in the UK. Will I still be able to access it here in the EU?
If the UK becomes a ‘third-country’, will the GDPR make it difficult for me to access my EU cloud data from the UK ?
What are cloud companies worried about ?
Do we need to get Binding Corporate Rules (BCR) approved by the data protection regulators to save our organization from these complications?
If our organization works towards obtaining BCR, how long will it take for the authorities to approve them and make the data in the EU accessible for our cloud users?
Are the Standard Contractual Clauses (SCCs) enough to make the data in our UK data center accessible for our cloud users in the EU?
Should UK customer data be located in the UK and EU customer data be located in the EU?
Why there’s no need to worry
The concerns of both these groups (CSPs and cloud users) are related to the transfer of data from, and into the UK. This transfer can happen through one of the following mechanisms:
Adequacy
Standard Contractual Clauses
Binding Corporate Rules (BCR)
The following table summarizes how the transfer can happen through each of these mechanisms:
@SellicoC
Comments