Buongiorno, non mi pare di aver trovato notizie del CISPE in lista. --8<---------------cut here---------------start------------->8--- CISPE (Cloud Infrastructure Services Providers in Europe) is a non-profit trade association for infrastructure as a service (IaaS) cloud providers in Europe. It was started to aid IaaS providers in explaining their business model to policymakers. [...] The association aims to advocate for an EU-wide cloud-first public procurement policy and engage for a European Digital Single Market including the promotion of high-level security and data protection rules/standards as well as avoiding vendor lock-in. In June 2020, the association became one the 22 founding members of GAIA-X --8<---------------cut here---------------end--------------->8--- CISPE promuove un registro pubblico https://cispe.cloud/publicregister/ di fornitori certificati (o autocertificati) con il loro... Codice di Condotta... olè! Guardando tra i fornitori **certificati** troviamo Amazon con diversi servizi AWS dagli USA... e Tencent Cloud Computing dalla Cina. Mumble mumble, ma davvero?!? Nella pagina del codice di condotta https://cispe.cloud/code-of-conduct/ dicono: --8<---------------cut here---------------start------------->8--- CISPE’s Code of Conduct for data protection anticipates the enforcement of the European Union’s General Data Protection Regulation (GDPR). On March 2017 the CISPE Code of Conduct was submitted for review and approval by the European Data Protection Board (EDPB). This review is currently underway by the EDPB. --8<---------------cut here---------------end--------------->8--- Il Code of Conduct è del Marzo 2017, non riesco a trovare se EDPB ne frattempo abbia commentato qualcosa. Trovo però che CISPE sollecita EDPB: --8<---------------cut here---------------start------------->8--- the adoption of a clear and simple approval procedure as well as greater clarity over the timeline necessary to obtain such approval. CISPE therefore asks the European Data Protection Board to facilitate efficient coordination between Data Protection Authorities so that Codes of Conduct will be approved under transparent and fixed timelines. --8<---------------cut here---------------end--------------->8--- (tratto da https://cispe.cloud/website_cispe/wp-content/uploads/2019/04/190402-CISPE-re...) Io già intravedo l'implementazione del GDPR attraverso certificazioni a fronte di Code of Conduct dove i fornitori se la cantano e se la suonano :-O Oppure il CISPE è un tentativo innocuo di annacquare il GDPR che non trova sponde nella commissione e nel EDPB? Saluti, Giovanni -- Giovanni Biscuolo