Cloud security group calls for clarity in GDPR guidance on requirements, role of regulators

European officials should clarify that the elements outlined in their guidance for accrediting General Data Protection Regulation certification bodies are not optional, as well as resolve the authority of country-specific supervisory agencies, the Cloud Security Alliance said in comments to the European Data Protection Board.

The deadline expires today for submitting comments to the board on guidance for the implementation of article 43 of GDPR, which describes requirements for entities that would be empowered to certify compliance with the...