GDPR and cloud providers: policy changes, compliance programs, and enforcement (2016–2019)

1. GDPR is adopted, setting a two-year runway

   Apr 27, 2016Labels: GDPR, European Union

   • EDPB Legal
   • GDPR OJ

2. GDPR enters into force, implementation work accelerates

   May 24, 2016Labels: GDPR, Cloud providers

   • EDPB Legal

3. EU–U.S. Privacy Shield is adopted

   Jul 12, 2016Labels: Privacy Shield, European Commission

   • EUR Lex

4. Microsoft commits to GDPR compliance across its cloud

   Feb 15, 2017Labels: Microsoft, Azure

   • Microsoft Blog

5. Google Cloud announces GDPR contractual commitments

   May 3, 2017Labels: Google Cloud, G Suite

   • Google Cloud

6. Google Cloud releases GDPR-updated data processing terms

   Oct 12, 2017Labels: Google Cloud, Data processing

   • Google Blog

7. AWS announces all AWS services can be used for GDPR

   Mar 26, 2018Labels: AWS, Amazon Web

   • AWS Security

8. AWS publishes GDPR Data Processing Addendum in service terms

   May 22, 2018Labels: AWS, Data Processing

   • AWS Security

9. GDPR becomes applicable, triggering full enforcement powers

   May 25, 2018Labels: GDPR, Regulators

   • EU Parliament
   • EDPB Legal

10. European Data Protection Board replaces the Article 29 group

    May 25, 2018Labels: EDPB, Article 29

    • EDPB News
    • EDPS Report

11. CNIL issues a landmark GDPR fine against Google

    Jan 21, 2019Labels: CNIL, Google

    • Orrick
    • Debevoise

12. UK ICO signals major security enforcement with BA notice

    Jul 8, 2019Labels: ICO, British Airways

    • EDPB News