The Cloud Infrastructure Providers in Europe (CISPE) recently released a code of conduct, announcing that they want to keep Europeans’ data stored in the cloud within the European Union.

The code requires member service providers to “offer their customers the ability to exclusively process and store data within EU/EEA territories.”

CISPE is a relatively new coalition of more than 20 cloud service providers. The code of conduct also provides that “cloud customers will receive the assurance that providers of cloud infrastructure services do not process their personal data, for their own benefit, or for the resale to third parties, such as for the mining of personal data, profiling of data subjects, marketing or similar actions.”  

The feasibility of CISPE’s data localization gambit will quickly be tested as the Trade in Services Agreement (TiSA) negotiations wrap up by the end of the year to replace the General Agreement on Trade and Services.

The EU Parliament’s international trade committee published a report on TiSA earlier this year that emphasized the importance of TiSA to the digital economy and called for a “comprehensive prohibition on forced data localization requirements and to ensure that TiSA contains future-proof rules and prevents fragmentation of the digital world.”

The announcement says that the code aligns with requirements set out in the EU General Data Protection Regulation.

Cloud service infrastructure service providers that comply with the code will be granted a trust mark so customers know they’re compliant.

To keep up with the constantly evolving world of privacy and security sign up for the Bloomberg BNA Privacy and Security Update.