(15 February 2022) – A joint investigation was launched today by 22 national data protection authorities on how the public sector uses cloud services.

The initiative is the first under the Coordinated Enforcement Framework of the European Data Protection Board (EDPB), the EU body that gathers all European data watchdogs to ensure coordinated enforcement of the GDPR privacy rules.
In October 2020, the Board decided to undertake joint probes every year on specific issues that might have cross-border significance as part of its three-year strategy. Last year, the topic was selected among other vital areas such as website security and mobile apps.
Cloud computing is a top priority for many data protection authorities across the EU. Specific national investigations went as far as considering the compliance of specific tools such as Microsoft Office.
In the landmark Schrems II ruling, the EU top court declared the transfer of personal data to the United States illegally as the American jurisdiction was deemed not to offer adequate data protection standards compared to the European privacy law. (Euractiv)