Preventing Data Supply Chain Issues Under the U.S. CLOUD Act & EU Law | On-Demand Webinar

Top Six Takeaways from the Webinar

The use of the U.S. cloud as part of organizational data supply chains is critical, and needs to continue for both operational and business reasons.

Joint and several liability and the shared responsibility model apply to the use of the cloud, for cloud providers and cloud users. Increasing technical protections such as through the use of Statutory Pseudonymization can reduce the risk of breach and help organizations more easily obtain cybersecurity insurance.

Schrems II and other guidance does not intend to prohibit the use of the U.S cloud; instead, compliant use is the intention by leveraging technical controls.

Access controls and encryption only protect data in transit and in storage, but most data is still processed in cleartext, leaving it vulnerable to breach.

The U.S. cloud can be used in a compliant manner with appropriate technical and organizational controls.

Statutory Pseudonymization allows EU-US transfers and compliant processing, including compliant further processing in the cloud for AI, ML and analytics.

Key Highlights

100%

of the audience said the sharing and processing of data with other legal entities and third parties is necessary for their organizations.

97%

of the audience also indicated that the potential liability from data supply chain partners failing to protect data when in use is an issue for them.

Full Webinar Replay

Presentation Slides

Slide - 1/29

Preventing Data Supply Chain Issues Under the US CLOUD Act & EU Supply Chain Law

Yes, You Can Use the Cloud in Compliance with Data Protection Laws!

Is the sharing and processing of data with legal entities/third parties necessary for your organization?

Are you exposed to liability from failures of your data supply chain partners to protect your data when in use?

Data supply chain partners increasingly demand proof of technical measures like Statutory Pseudonymization that protect data when in use to reduce risk and exposure from improper data processing and breach

Corporate Sustainability & Due Diligence Obligations

US Hyper-Scaler Promises Are Not Enough by Themselves

Security for Data in Use Through Dynamic Enforcement of Use-Case Specific Statutory Pseudonymization Controls

Specifications for Statutory Pseudonymization

GDPR Statutory Pseudonymization EDPB Use Case 2: Transfer of Pseudonymized Data

It is Possible to Protect When in Use in Untrusted Environments

Statutory Pseudonymization with Data Embassy®: No Trade-off Between Data Protection and Data Utility

Anonos Data Embassy dynamic de-identification, pseudonymization and anonymization systems, methods and devices are protected by an intellectual property portfolio

How to join the “Statutory Pseudonymization” LinkedIn Group

Attention IAPP Certified Privacy Professionals

For questions on this or other IAPP Web Conferences or recordings or to obtain a copy of the slide presentation please contact: livewebconteam@iapp.org

NOTICE: By clicking the “Submit Inquiry” button above to submit this form, you provide explicit consent for Anonos and subsidiaries of Anonos to process the information you provide, including your name and email address: (i) to deliver our response to you; (ii) to provide related information to you; and (iii) via transfer and processing occurring outside of the European Economic Area, including within the USA; all in accordance with the terms of Anonos’ privacy policy available at anonos.com/privacy. If you do not wish to submit your information to Anonos for the processing explicitly authorized above, you should not submit this form. You may also contact Anonos at dpo@anonos.com with any questions.