Abstract
Cloud computing is both an economically promising and an inevitable technology. Nevertheless, some deployment models can be a source of risk in terms of the protection of personal data. The risks of data loss and data breach hold private entities back from using cloud services. Articles 42 and 43 of the EU General Data Protection Regulation (GDPR) provide a new auspicious framework for certification mechanisms to detect and to be able to minimize these risks. However, these articles do not specify any criteria for certification mechanisms and are also technology-neutral. To be implementable, the certification criteria ought to be defined and a transparent procedure needs to be established. An effective data protection certification mechanism can serve to build trust and resolve the existing uncertainties limiting the broader usage of cloud services: certification implies a presumption of conformity with regulatory standards, and may be seen as an indicator of quality, which can lead to a distinction on the market. This chapter will summarize the author’s research during her collaboration in the research project AUDITOR for the development of a catalogue of criteria according to the GDPR.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
Notes
- 1.
EU Commission, Communication, COM 2012, 529, 27 September 2012, Unleashing the Potential of Cloud Computing in Europe, p. 2; ENISA, Report, 12/2012, Cloud Computing—Benefits, risks and recommendations for information security, p. 9, available via https://resilience.enisa.europa.eu/cloud-security-and-resilience/publications/cloud-computing-benefits-risks-and-recommendations-for-information-security. Last accessed 16 August 2018.
- 2.
See also Sect. 14.4.3.2 for a more detailed technical definition and description of cloud services.
- 3.
Gebauer et al. 2018, p. 59.
- 4.
Article 29 Working Group, Opinion 05/2012 Cloud Computing, WP 126, 1st July 2012, pp. 2, 6 et seq.; Pfarr et al. 2014, p. 5020.
- 5.
EU Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) has entered into force on 25 May 2016 and will take effect in all Member States as of 25 May 2018.
- 6.
European Cloud Service Data Protection Certification, funded by the Federal Ministry of Economic Affairs and Energy since 1st November 2017; The Ministry’s press release is available via https://www.digitale-technologien.de/DT/Redaktion/DE/Standardartikel/Einzelprojekte/einzelprojekte_auditor.html. Last accessed 16 August 2018.
- 7.
Schwartmann and Weiß 2018, Article 42, para 46.
- 8.
Kinast and Schröder 2012, p. 217.
- 9.
KPMG AG and Bitkom Research GmbH (eds.), Cloud-Monitor 2017, available via https://home.kpmg.com/de/de/home/themen/2017/03/cloud-monitor-2017.html. Last accessed 16 August 2018; Hoffmann, Regulation of Cloud Services under US and EU Antitrust, Competition and Privacy Laws, 2016, p. 67.
- 10.
- 11.
Article 29 Working Group, Opinion 05/2012 Cloud Computing, WP 126, 1st July 2012, pp. 2, 6 et seq.
- 12.
Schneider et al. 2016, p. 346.
- 13.
Hofmann and Roßnagel 2018, p. 39.
- 14.
Pfarr et al. 2014, p. 5023.
- 15.
Roßnagel 2011, pp. 263 et seq.
- 16.
Power 1996, p. 10.
- 17.
Hennrich 2011, p. 551.
- 18.
- 19.
- 20.
Hornung 2017, Article 42, para 10.
- 21.
Roßnagel 2011, p. 267.
- 22.
Hornung and Hartl 2014, p. 220.
- 23.
Hornung and Hartl 2014, p. 220.
- 24.
Hornung and Hartl 2014, p. 220.
- 25.
This view was also proposed in the GDPR draft of the European Parliament on 12 March 2014; see also Lachaud 2018, p. 245 with further references.
- 26.
Roßnagel et al. 2015, p. 459.
- 27.
ENISA Recommendations on European Data Protection Certification, Version 1.0, November 2017, p. 15, available via https://www.enisa.europa.eu/publications/recommendations-on-european-data-protection-certification. Last accessed 16 August 2018.
- 28.
ENISA Recommendations on European Data Protection Certification, Version 1.0, November 2017, pp. 17–18.
- 29.
Schultze-Melling 2013, p. 474.
- 30.
- 31.
- 32.
- 33.
- 34.
- 35.
Lachaud 2018, pp. 245, 251.
- 36.
- 37.
AUDITOR is funded by the Federal Ministry of Economic Affairs and Energy and started on 1 November 2017 with a duration of two years until October 2019—funding code: 01MT17003G.
- 38.
Batman et al. 2017; see also www.auditor-cert.de. Last accessed 16 August 2018.
- 39.
- 40.
Or the target of evaluation (ToE).
- 41.
Schäfer and Fox 2016, p. 746.
- 42.
Roßnagel et al., Policy Paper, National Implementation of the General Data Protection Regulation, p. 5, access available via https://www.forum-privatheit.de/forum-privatheit-de/publikationen-und-downloads/veroeffentlichungen-des-forums/positionspapiere-policy-paper/Policy-Paper-National-Implementation-of-the-GDPR_EN.pdf. Last accessed 16 August 2018.
- 43.
Hildebrandt and Tielemans 2013, p. 512.
- 44.
Article 2 GDPR, para 14.
- 45.
Roßnagel 2018, Article 2 GDPR, para 14.
- 46.
- 47.
- 48.
Article 28 GDPR corresponds essentially to the former provision in § 11 Bundesdatenschutzgesetz (Federal Data Protection Act—2009).
- 49.
Article 29 Working Group, Opinion 05/2012 Cloud Computing, WP 126 (adopted on 1st July 2012), p. 10; Kramer 2018, Article 28, para 16; Niemann and Hennrich 2010, p. 687.
- 50.
Flint 2017a, p. 171; Flint 2017b, p. 125; UK Information Commissioner’s Office (ICO), Guidance on the use of cloud computing, p. 8: The ICO states that in the provider of a public cloud needs to be classified as data controller according to data protection law, available via https://ico.org.uk/media/for-organisations/documents/1540/cloud_computing_guidance_for_organisations.pdf. Last accessed 16 August 2018.
- 51.
See also Batman 2018, p. 94.
- 52.
This view is also shared by the supervisory authority Unabhängiges Landeszentrum für Datenschutz (ULD) from Schleswig-Holstein, that at its time has also contributed significantly to the criteria of EuroPriSe and is currently an associated partner in the project AUDITOR.
- 53.
Krcmar et al. 2018, § 1, para 24.
- 54.
Pfarr et al. 2014, p. 5018.
- 55.
Krcmar et al. 2018, § 1, para 24, 25.
- 56.
Pfarr et al. 2014, p. 5023.
- 57.
The National Institute of Standards and Technology (NIST), the standardisation centre of the USA, is part of the U.S. Department of Commerce. The document is available via https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-145.pdf. Last accessed 16 August 2018.
- 58.
Federal Office of Information Security https://www.bsi.bund.de/EN/Topics/CloudComputing/Basics/Basics_node.html;jsessionid=E93272CC537E50C157BBE795D67E6F4A.1_cid351. Last accessed 16 August 2018.
- 59.
A more comprehensive differentiation between the service models (such as Communication as a Service, Storage as a Service, Network as a Service or E-Mail as a Service etc.) can also be found in DIN ISO/IEC 17788:2016-04, Annex A.
- 60.
Federal Office of Information Security https://www.bsi.bund.de/EN/Topics/CloudComputing/Basics/Basics_node.html;jsessionid=E93272CC537E50C157BBE795D67E6F4A.1_cid351. Last accessed 16 August 2018
- 61.
Weichert 2018, Article 42 GDPR, para 47.
- 62.
Roßnagel 2000.
- 63.
IT Governance Privacy Team (ed.), EU General Data Protection Regulation (GDPR). An implementation and Compliance guide, 2nd edition (2017), pp. 159–162; see also Roßnagel 2000, pp. 76 et seq.—A data flow analysis for the purpose of the definition of a certifiable element is demonstrated here.
- 64.
IT Governance Privacy Team 2017, p. 161.
- 65.
Roßnagel 2000.
- 66.
Article 43(1) sentence 2 GDPR.
- 67.
Spindler and Thorun 2015, p. 61.
- 68.
Trusted Cloud Data Protection Profile (TCDP), TCDP v1.0, available via https://www.tcdp.de/index.php/dokumente. Last accessed 16 August 2018. The Trusted Cloud audit standard TCDP has emerged from the Technology Programme of the Federal Ministry for Economic Affairs and Energy in 2016.
- 69.
Article 37–39 GDPR.
- 70.
Article 33, 34 in conjunction with Article 28(3), sentence 2, lit. f GDPR.
- 71.
BSI, C5-Compliance Controls Catalogue (C5), available via https://www.bsi.bund.de/EN/Topics/CloudComputing/Compliance_Controls_Catalogue/Compliance_Controls_Catalogue_node.html. Last accessed 18 September 2018.
- 72.
Roßnagel et al. 2018.
- 73.
Article 42(7), sentence 1 GDPR.
- 74.
Article 42(7), sentence 2 GDPR.
- 75.
Article 43(1), sentence 2 GDPR.
- 76.
Regulation (EC) No 765/2008 of the European Parliament and of the Council (1) in accordance with EN-ISO/IEC 17065/2012.
- 77.
Article 43(a) GDPR.
- 78.
Article 43(b) GDPR.
- 79.
Article 43(c) GDPR.
- 80.
Article 43(d) GDPR.
- 81.
Article 43(e) GDPR.
- 82.
Article 43(6) sentence 1 GDPR.
- 83.
Article 43(6) sentence 2 GDPR.
- 84.
Weichert 2018, Article 43 GDPR, para 2.
- 85.
Spindler and Thorun 2015, p. 61.
- 86.
- 87.
Schäfer and Fox 2016, p. 744.
- 88.
- 89.
- 90.
Hoffman 2016, p. 190.
- 91.
Buch et al. 2014, p. 68.
- 92.
Buttarelli 2016, p. 77.
References
Baldwin B, Cave M, Lodge M (eds) (2012) Understanding Regulation. Theory, Strategy and Practice, 2nd edn. Oxford University Press, USA
Batman AN (2018) Die Datenschutzzertifizierung von Cloud-Diensten nach der EU-DSGVO. In: Taeger J (ed) Rechtsfragen digitaler Transformationen – Gestaltung digitaler Veränderungsprozesse durch Recht. Tagungsband Herbstakademie 2018, OlWIR Oldenburger Verlag für Wirtschaft, Informatik und Recht, Edewecht, pp 87–101
Bergt M (2016) Die Bedeutung von Verhaltensregeln und Zertifizierungen nach der DSGVO. In: Taeger J (ed) Smart World - Smart Law? Weltweite Netze mit regionaler Regulierung. Tagungsband Herbstakademie 2016, OlWIR Oldenburger Verlag für Wirtschaft, Informatik und Recht, Edewecht, pp 483–489
Bergt M (2017) Art. 42. In: Kühling J, Buchner B (eds) DSGVO-Kommentar. C.H. Beck, Munich
Bock K (2016) Data Protection Certification: Decorative or Effective Instrument? Audit and Seals as a Way to Enforce Privacy. In: Wright D, De Hert P (eds) Enforcing Privacy, Chapter 15, Springer International Publishing, pp 335–356
Borges G, Brennscheidt K (2012) Rechtsfragen des Cloud Computing – ein Zwischenbericht. In: Borges G, Schwenk J (eds) Daten- und Identitätsschutz in Cloud Computing, E-Government und E-Commerce. Springer, Berlin/Heidelberg, pp 43–77
Borges G, Meents J (eds) (2016) Cloud Computing. Rechtshandbuch. C.H. Beck, Munich
Buch MS, Gebauer L, Hoffmann H (2014) Vertrauen in Cloud Computing schaffen - Aber wie? Wirtschaftsinformatik & Management, 03/2014, pp 67–77
Bundesamt für Sicherheit in der Informationstechnik (BSI) (2018) C5-Compliance Controls Catalogue (C5). Available via https://www.bsi.bund.de/EN/Topics/CloudComputing/Compliance_Controls_Catalogue/Compliance_Controls_Catalogue_node.html. Last accessed 16 August 2018
Burri M, Schär R (2016) The Reform of the EU Data Protection Framework: Outlining Key Changes and Assessing Their Fitness for a Data-Driven Economy. Journal of Information Policy, Vol. 6 (2016), pp 479–511, available via http://www.jstor.org/stable/10.5325/jinfopoli.6.2016.0479. Last accessed 16 August 2018
Buttarelli G (2016) The EU GDPR as a clarion call for a new global digital gold standard. International Data Privacy Law, 2016, Vol. 6, No. 2, pp 77–78
De Hert P, Papakonstantinou V (2016) The new General Data Protection Regulation: Still a sound system for the protection of individuals? Computer Law & Security Review, 2016, Vol. 32, pp 179–194
Determann L (2015) Determann’s Field Guide to Data Privacy Law. International Corporate Compliance, 2nd edn. Edward Elgar Publishing Ltd
ENISA (2012) Cloud Computing - Benefits, risks and recommendations for information security. Report
ENISA (2017) ENISA Recommendations on European Data Protection Certification Version 1.0, November 2017, p 15, available via https://www.enisa.europa.eu/publications/recommendations-on-european-data-protection-certification. Last accessed 16 August 2018
European Commission (2012) Communication from the Commission to the European Parliament, the Council, the ECOSOC and the Committee of the Regions, COM 2012, 529, 27 September 2012, Unleashing the Potential of Cloud Computing in Europe, available via http://ec.europa.eu/transparency/regdoc/rep/1/2012/EN/1-2012-529-EN-F1-1.Pdf. Last accessed 16 August 2018
Fladung A (2018) In: Wybitul T (ed) (2018) Handbuch EU-Datenschutz-Grundverordnung. Fachmedien Recht und Wirtschaft, dfv Mediengruppe Frankfurt am Main, Commentary of Art. 42 GDPR
Flint D (2017a) Sharing the Risk: Processors and the GDPR. Business Law Review, 2017, Vol. 38, pp 171–172
Flint D (2017b) Storms ahead for Cloud Service Providers. Business Law Review, 2017, Vol. 38, pp 125–126
Forum Privacy and Self-Determined Life in the Digital World (ed) (2018) Policy Paper, National Implementation of the General Data Protection Regulation, Challenges - Approaches - Strategies, available via https://www.forum-privatheit.de/forum-privatheit-de/publikationen-und-downloads/veroeffentlichungen-des-forums/positionspapiere-policy-paper/Policy-Paper-National-Implementation-of-the-GDPR_EN.pdf. Last accessed 16 August 2018
Gebauer L, Söllner M, Leimeister JM (2018) Vertrauensproblematiken im Cloud-Computing-Umfeld. In: Krcmar H, Leimeister JM et al. (eds) Cloud-Services aus der Geschäftsperspektive. Springer Fachmedien Wiesbaden, pp 59–69
Hennrich T (2011) Compliance in Clouds. Datenschutz und Datensicherheit in Datenwolken. Computer & Recht (CR), Vol. 8/2011, pp 546–552
Hildebrandt M, Tielemans L (2013) Data protection by design and technology neutral law. Computer Law & Security Review, Vol. 29 (2013), pp 509–521
Hoffmann SG (2016) Regulation of Cloud Services under US and EU Antitrust, Competition and Privacy Laws. Peter Lang GmbH, Internationaler Verlag der Wissenschaften, Frankfurt am Main
Hofmann JM (2016) Zertifizierungen nach der DS-GVO. In: ZD-Aktuell 2016, 05324 (online-resource)
Hofmann JM, Roßnagel A (2018) Rechtliche Anforderungen an Zertifizierungen nach der DSGVO. In: Krcmar H, Eckert C et al. (eds) Management sicherer Cloud-Services. Springer Fachmedien Wiesbaden, pp 101–112
Hornung G (2017) Art. 42. In: Auernhammer H (ed) DSGVO BDSG Kommentar, 5th edn. Carl Heymanns Verlag, Cologne
Hornung G, Hartl K (2014) Datenschutz durch Marktanreize – auch in Europa? - Stand der Diskussion zu Datenschutzzertifizierung und Datenschutzaudit. Zeitschrift für Datenschutz (ZD) 2014, pp 219–225
Horwitz J (1982) The History of the Public/Private Distinction. University of Pennsylvania Law Review, Vol. 130, No. 6 (1982), pp 1423–1428, available via http://www.jstor.org/stable/3311976. Last accessed 16 August 2018
IT Governance Privacy Team (eds) (2017) EU General Data Protection Regulation (GDPR). An Implementation and Compliance Guide, 2nd edn.
Jaatun MG, Pearson S, Gittler F, Leenes R (2014) Towards Strong Accountability for Cloud Service Providers. IEEE 6th International Conference on Cloud Computing Technology and Science, pp 1001–1006
Jarass H (2018) Art. 8. In: Jarass H, Pieroth B (eds) Grundgesetz für die Bundesrepublik Deutschland: GG, Kommentar. C.H. Beck, Munich
Jentzsch N (2012) Was können Datenschutz-Gütesiegel leisten? Wirtschaftsdienst 2012, pp 413–419
Jung A (2018) Datenschutz-(Compliance-)Management-Systeme – Nachweis- und Rechenschaftspflichten nach der DSGVO. ZD (Zeitschrift für Datenschutz), 2018, pp 208–213
Kamara I, de Hert P (2018) Data Protection Certification in the EU: Possibilities, Actors and Building Blocks in a Reformed Landscape. In: Rodrigues R, Papakonstantinou V (eds) Privacy and Data Protection Seals. T.M.C. Asser Press, The Hague
Kinast K, Schröder M (2012) Audit & Rating: Vorsprung durch Selbstregulierung. Datenschutz als Chance für den Wettbewerb. ZD (Zeitschrift für Datenschutz), 2012, pp 207–210
Koops BJ (2008) Should ICT Regulation be Technology-Neutral? In: Koops BJ, Lips M et al. (eds) Starting Points for ICT Regulation. Deconstructing Prevalent Policy One-Liners. IT & Law Series Vol. 9, T.M.C. Asser Press, The Hague, pp 77–108
Krcmar H, Eckart C et al. (eds) (2018) Management sicherer Cloud-Services. Entwicklung und Evaluation dynamischer Zertifikate. Springer Fachmedien, Wiesbaden
Lachaud E (2018) The General Data Protection Regulation and the rise of certification as a regulatory instrument. Computer Law & Security Review 34, 2018, pp 244–256
Loomans D, Matz M, Wiedemann M (eds) (2014) Praxisleitfaden zur Implementierung eines Datenschutzmanagementsystems. Ein risikobasierter Ansatz für alle Unternehmensgrößen. Springer Fachmedien, Wiesbaden
Martini M (2018) In: Paal BP, Pauly AD (eds) Beck’sche Kompakt-Kommentare. Datenschutz-Grundverordnung, Article 24 GDPR. C.H. Beck Verlag, Munich
Martini M (2016) Do it yourself im Datenschutzrecht. NVwZ – Extra 6/2016, pp 1–10
Mitchell C (2015) Privacy, Compliance and the Cloud. In: Zhu/Hill/Trovati (eds) Guide to Security Assurance for Cloud Computing. Springer International Publishing, pp 3–14
Niemann F, Hennrich T (2010) Kontrollen in den Wolken? Auftragsdatenverarbeitung in Zeiten des Cloud Computing. Computer & Recht (CR) 10/2010, pp 686–692
Pfarr F, Buckel T, Winkelmann A (2014) Cloud Computing Data Protection – A Literature Review and Analysis. 2014 47th Hawaii International Conference on System Science, pp 5018–5027
Power M (1996) The audit explosion. Demos. White Dove Press, London, available via https://www.demos.co.uk/files/theauditexplosion.pdf. Last accessed 16 August 2018
Rodrigues R, Barnard-Wills D, De Hert P, Papakonstantinou V (2016) The future of privacy certification in Europe: An exploration of options under article 42 of the GDPR. International Review of Law 2016, Computers & Technology, available via http://dx.doi.org/10.1080/13600869.2016.1189737. Last accessed 16 August 2018
Rodrigues R, Wright D, Wadhwa K (2013) Developing a privacy seal scheme (that works). International Data Privacy Law, 2013, Vol. 3, No. 2, pp 100–116
Roßnagel A (2000) Datenschutzaudit. Konzeption. Durchführung. Gesetzliche Regelung. Vieweg, Braunschweig
Roßnagel A (2011) Datenschutzaudit - ein modernes Steuerungsinstrument. In: Hampel L, Krasmann S, Bröcking U (eds) Sichtbarkeitsregime. Überwachung. Sicherheit und Privatheit im 21. Jahrhundert, pp 263–280
Roßnagel A (2018) Art. 2. In: Simitis S, Hornung G, Spiecker gen., Döhmann I (eds) Datenschutzrecht – DSGVO mit BDSG, Großkommentar. Nomos, Baden-Baden
Roßnagel A (ed) (2018) Das neue Datenschutzrecht. Europäische Datenschutz-Grundverordnung und deutsche Datenschutzgesetze. Nomos, Baden-Baden
Roßnagel A, Nebel M. Richter P (2015) Was bleibt vom Europäischen Datenschutzrecht? - Überlegungen zum Ratsentwurf der DS-GVO. ZD 2015, pp 455–460
Roßnagel A, Sunyaev A, Batman A et al. (2017) AUDITOR: Neues Forschungsprojekt zur Datenschutz-Zertifizierung von Cloud-Diensten nach der DS-GVO. ZD-Aktuell 2017, 05900 (online-resource)
Roßnagel A, Sunyaev A, Batman A, Lins et al. (2018) AUDITOR-Kriterienkatalog, draft version v.07, research contribution 4 June 2018, available as a technical report via https://publikationen.bibliothek.kit.edu/1000083222. Last accessed 16 August 2018
Schäfer C, Fox D (2016) Zertifizierte Auftragsdatenverarbeitung. Das Standard-ADV-Model. Datenschutz und Datensicherheit (DuD), 2016, Vol. 11, pp 744–748
Schneider S, Sunyaev A et al. (2016) Entwicklung eines Kriterienkatalogs zur Zertifizierung von Cloud Services. In: Krcmar H, Leimeister JM et al (eds) Cloud-Services aus der Geschäftsperspektive. Springer Fachmedien, Wiesbaden, pp 337–349
Schultze-Melling J (2013) Datenschutz. In: Bräutigam P (ed) IT-Outsourcing und Cloud-Computing. Eine Darstellung aus rechtlicher, technischer, wirtschaftlicher und vertraglicher Sicht, 3rd edn. Erich Schmidt Verlag GmbH & Co., Berlin
Schwartmann R, Weiß S (2018) In: Schwartmann R, Jaspers A, Thüsing G, Kugelmann D (eds) Heidelberger Kommentar. DS-GVO/BDSG. C.F. Müller, Heidelberg
Semmelmann C (2012) Theoretical Reflections on the Public-Private Distinction and their Traces in European Union Law. Oñati Socio-legal Series (online), 2012, Vol. 2 (4), pp 25–59, available via http://ssrn.com/abstract=2016077. Last accessed 16 August 2018
Siemen B (2006) Datenschutz als europäisches Grundrecht. Duncker und Humblot, Berlin
Spindler G (2016) Selbstregulierung und Zertifizierungsverfahren nach der DS-GVO. Reichweite und Rechtsfolgen der genehmigten Verhaltensregeln. ZD 2016, p 407
Spindler G, Thorun C (2015) Eckpunkte einer digitalen Ordnungspolitik. Politikempfehlungen zur Verbesserung der Rahmenbedingungen für eine effektive Ko-Regulierung in der Informationsgesellschaft, available via https://sriw.de/images/pdf/Spindler_Thorun-Eckpunkte_digitale_Ordnungspolitik_final.pdf. Accessed 15 August 2018
Stone CD (1982) Corporate Vices and Corporate Virtues: Do Public/Private Distinctions Matter? University of Pennsylvania Law Review, 1982 Vol. 130, No. 6, pp 1441–1509, available via http://www.jstor.org/stable/3311978. Last accessed 16 August 2018
Tinnefeld C, Hanßen C (2018) In: Wybitul T (ed) (2018) Handbuch EU-Datenschutz-Grundverordnung. Fachmedien Recht und Wirtschaft, dfv Mediengruppe Frankfurt am Main, Commentary of Article 24 GDPR
van der Sloot B, Broeders D, Schrijvers E (2016) Exploring the boundaries of Big Data. Amsterdam University Press
Weichert T (2010) Datenschutzzertifizierung – Vorteile für Unternehmen. ITK-Kompendium 2010, pp 274–279
Weichert T (2018) Art. 4. In: Däubler et al. (eds) EU-Datenschutz-Grundverordnung und BDSG-neu. Kompaktkommentar. Bund-Verlag, Frankfurt am Main
Werner F (1959) Verwaltungsrecht als konkretisiertes Verfassungsrecht. DVBl, 1959, pp 527–533
Wybitul T (ed) (2018) Handbuch EU-Datenschutz-Grundverordnung. Fachmedien Recht und Wirtschaft, dfv Mediengruppe, Frankfurt am Main
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 T.M.C. Asser press and the authors
About this chapter
Cite this chapter
Batman, A.N. (2019). European Cloud Service Data Protection Certification. In: Reins, L. (eds) Regulating New Technologies in Uncertain Times. Information Technology and Law Series, vol 32. T.M.C. Asser Press, The Hague. https://doi.org/10.1007/978-94-6265-279-8_14
Download citation
DOI: https://doi.org/10.1007/978-94-6265-279-8_14
Published:
Publisher Name: T.M.C. Asser Press, The Hague
Print ISBN: 978-94-6265-278-1
Online ISBN: 978-94-6265-279-8
eBook Packages: Law and CriminologyLaw and Criminology (R0)