2 comments

[ 4.2 ms ] story [ 17.0 ms ] thread
In a July 16, 2020 ruling dubbed “Schrems 2,” the European Court of Justice ruled that the EU-U.S. “Privacy Shield” agreement does not provide adequate protection of personally identifiable information under the General Data Protection Regulation (GDPR).

In essence, the Schrems 2 ruling means that U.S.-owned cloud providers such as Google, Amazon Web Services (AWS), and Microsoft Azure cannot be used to store data about European citizens without violating the GDPR. You know, the regulation that famously can fine violators 20 million Euros or 4% of annual revenue, whichever is larger.

Read how Kubernetes and cloud-native projects can be an enabler for cloud-agnostic GDPR compliance.

tl;dr summary (disclaimer: I am the author): multi-cloud strategies are finally much more realistic to implement, thanks to cloud-native technology such as Kubernetes and other software from the CNCF landscape running on top of Kubernetes. And due to the EU/US Privacy Shield agreement no longer being admissible since Schrems II, you pretty much have to start taking jurisdiction for your data processing and storage into serious consideration.