IBM Declares Software and Platform Cloud Services Adherence to the EU Data Protection Code of Conduct

Share this post:

By Cristina Cabella, Chief Privacy Officer, IBM and William Tworek, Director of Security & Privacy, IBM SaaS 

As part of IBM’s robust and enduring commitment to protecting our clients’ data, we have just signed up another 24 of our services to the EU Data Protection Code of Conduct for Cloud Services (The EU Cloud Code of Conduct). Customers can now be further assured that those additional Software as a Service (SaaS) offerings – as well as other services we’ve already signed-up to the Code –  go far beyond regulatory compliance for data privacy and security.   We are delighted to be the first company to offer our customers this transparent, independent endorsement across such a large portfolio of services covering not just infrastructure but also software and platform cloud services.

cristina cabella

Cristina Cabella, IBM’s Chief Privacy Officer

Having our services adhere to The EU Cloud Code of Conduct is crucial as we and our clients approach the May 2018 implementation deadline for the EU’s General Data Protection Regulation (GDPR). Signing up to the Code, which includes elements of the new regulation, means we are well placed to help clients become ‘GDPR ready.’ This is because complying with The Code entails introducing GDPR-specific measures to our services before the May 2018 deadline. What GDPR laws will look like at a national level is not yet 100% clear so while no company can currently claim full compliance with GDPR – either at an EU or at a Member State level – by signing up to The EU Cloud Code of Conduct we send a strong signal of IBM’s current GDPR readiness.

This code of conduct is unique in that it is the only cloud code which the European Commission has been involved in developing. On top of the European Commission’s active role, the thorough process to develop The Code also involved the

IBM's William Tworek

William Tworek, Director of Security & Privacy for IBM SaaS Offerings

EU’s Article 29 Working Party, representing national Data Protection Authorities.  The EU Cloud Code of Conduct is also the only code that addresses the full range of cloud services, reflecting the comprehensive nature of GDPR and covering data processors and controllers.

It is crucial that the EU Cloud Code of Conduct is both independent and transparent. Certifications are governed by SCOPE Europe, an independent code monitoring body. SCOPE Europe will assess new signings to the Code and continue to monitor them for adherence. Furthermore, rather than being buried in bilateral contracts, The EU Cloud Code of Conduct is fully transparent and accessible on-line to all who wish to examine it or use it.

The 24 services signed up this week join IBM’s SoftLayer and Bluemix Infrastructure services which were signed up to The EU Cloud Code of Conduct shortly after its launch earlier this year, and we look forward to continuing to sign up additional services in the near future. The EU Cloud Code of Conduct applies to services that use IBM’s standard terms and conditions.


Media Contact:
Anita Kelly (for IBM)

More stories

A New Public-Private Partnership to Advance Cybersecurity in France

IBM today opened its new Security Operations Center (SOC) in Lille, France. The SOC offers security incident and response services to organisations that are at the heart of the French society and economy. Operating 24 hours a day, seven days a week, the security center team will monitor the latest security events, assess their potential impact […]

Continue reading

IBM Statement on Filing an Amicus Curiae Brief in the United States Supreme Court

IBM issued the following statement on filing an amicus curiae brief in the United States Supreme Court: “Changes in technology move faster than changes in the law, and when the law addresses new technology it must consider not only the immediate facts of the case at bar, but also the potential implications that a legal […]

Continue reading

IBM Letter to House Judiciary Committee on Anti-Sex Trafficking Bill

IBM today urged leadership of the House Judiciary Committee to align its anti-sex trafficking legislation with a parallel Senate bill.

Continue reading