As per the Schrems II ruling the US is no longer an adequate country for EU personal data. BCS recently did a recent webinar on the legal aspects here [https://www.bcs.org/content-hub/webinar-what-do-you-need-to-know-about-schrems-ii/].
So far, the ICO guidance in the UK is to map your data flows in preparation for further guidance. To help companies with this, this working session will be a joint event between the Open Security Summit and the BCS focussed on the data flows. We’ll be combining the legal aspects, with data labelling and threat modelling techniques, to produce an interactive event.
We’ll be discussing two key uses case (a) the use of US cloud providers for email services and (b) the use of US cloud providers for infrastructure.
Before joining this talk, listen to these previous talks:
- Security Labels for Covid Apps working session at 2020 Open Security Summit
- Threat Modeling for Schrems II
- Refresher on Security Labels working session at 2020 Open Security Summit