The Cloud Security Alliance Wednesday launched an effort to help cloud providers and cloud customers navigate data privacy standards and support implementation of European Union data protection requirements.
The new Cloud Security Alliance (CSA) Privacy Level Agreement (PLA) Working Group will develop compliance baselines for data protection legislation and establish standards for how cloud providers communicate the measures they take to ensure cloud data privacy of third-party information.
"The goal of this working group is to create a structure for privacy disclosures that will provide both cloud providers and their customers with an objective and comparable way by which to communicate their personal data handling practices," Daniele Catteddu, managing director for CSA EMEA, said in a prepared statement. "This is especially problematic in the EU, which maintains the most stringent regulations on privacy as compared to the rest of the world."
In July, the Article 29 Data Protection Working Party, which includes representatives of the data protection authorities of each of the European Union member states -- issued an opinion on cloud computing. The opinion identifies data protection obligations for companies providing or using cloud services, as well as cloud computing risks.
The CSA said the PLA Working Group will work to support implementation of the Article 29 Data Protection Working Party opinion. The group is made up of independent privacy and data protection experts, privacy officers and representatives of EU data protection authorities.
The nonprofit CSA has been busy. Wednesday's announcement comes on the heels of last week's launch of its big data security initiative. Also last month, the organization said it was teaming with the British Standards Institution to provide a cloud security certification for cloud providers that will include third-party assessments.