As you all know security, privacy, and protection of our customer’s data is our number one priority and as such we work very closely with regulators to ensure that customers can be assured that they are getting the right protections when processing and storing data in the AWS. I am especially pleased that the group of European Union (EU) data protection authorities known as the Article 29 Working Party has approved the AWS Data Processing Agreement (DPA), assuring customers that it meets the high standards of EU data protection laws. The media alert below that went out today gives the details:

欧盟数据保护当局批准亚马逊网络服务的数据处理协议

世界各地客户都放心,AWS协议符合严谨的欧盟隐私法

布鲁塞尔 - 2015年3月31日 - 亚马逊网络服务(AWS)今天宣布,欧洲联盟(欧盟)的数据保护机构称为第29条工作组已批准AWS数据处理协议(DPA),确保客户达成的客户高标准的欧盟数据保护法。AWS DPA的批准,其中体现了标准的合同条款(通常被称为模型条款),意味着AWS客户希望将个人数据从欧洲经济区(EEA)转移到其他国家可以做出更多的知识他们在AWS上的内容将获得相同的高水平保护它在EEA中获得。有关第29条工作组的批准,请访问Luxembourg数据保护机构网页:http://www.cnpd.public.lu / enactualites/international/2015/03/aws/index.html.

The AWS cloud is already being used extensively across the EU by startups, government agencies, educational institutions and leading enterprises such as Réseau Ferré de France and Veolia, in France, St James’s Place and Shell in the UK and Talanx and Hubert Burda Media in Germany. AWS customers have always had the freedom to choose the location where they store and process their content with the assurance that AWS will not move it from their chosen region. Customers have access to 11 AWS regions around the globe, including two in the EU – Ireland (Dublin) and Germany (Frankfurt) – which are comprised of multiple Availability Zones for customers to build highly secure and available applications. The DPA with Model Clauses gives AWS customers more choice when it comes to data protection and assures them that their content receives the same high levels of data protection, in accordance with European laws, no matter which AWS infrastructure region they choose around the world. The DPA is now available on request to all customers that require it.

“我们客户数据的安全,隐私和保护是我们的首要任务,”Amazon.com首席技术官Werner Vogels博士说。“为客户提供已被欧盟数据保护当局批准的DPA是另一种方式,我们正在向他们提供保证,即他们将获得AWS的最高水平的数据保护。我们花了很多时间建设工具,如安全控制和加密,为客户提供保护其基础架构和内容的能力。我们将始终努力为欧盟和世界各地的AWS客户提供最高水平的数据安全性。“

在发给AWS的信中,第29条工作人员表示,“欧盟数据保护当局已经分析了亚马逊网络服务提出的安排”,“已得出结论,修订后的数据处理附录符合标准合同条款2010/87/EU and should not be considered as ‘ad-hoc’ clauses.” This means customers can sign the AWS Data Processing Addendum with Model Clauses without the need for authorization from data protection authorities, as would be necessary for contract clauses intended to address EU privacy rules that have not been approved, known as “ad hoc clauses.”

除了由第29条工作组批准的DPA,AWS完全符合所有适用的欧盟数据保护法,维护强大的全球安全标准,如ISO 27001,SOC 1,2,3和PCI DSS级别1. 2013年,AWS Cloud批准了De Nederlandsche Bank,用于荷兰金融服务部门,为荷兰的金融服务公司开门,在AWS上储存机密数据并运行关键任务申请。AWS有解决方案建筑师,帐户经理,培训师和其他工作人员,欧盟专业培训云安全和遵守符合AWS客户,因为他们将应用程序移动到云端。AWS还帮助客户达到当地的安全标准,并推出了由独立认证机构TÜV信托制定的客户认证工作簿,为客户提供有关如何在德国的BSI IT Grundschutz认证的指导。必威体育精装版app官网工作簿的副本可以找到:http://aws.amazon.com/compliance/

“欧盟在世界上拥有最高的数据保护标准,欧洲议会成员的Antanas Guoga表示,欧洲公民的数据是非常重要的。”“我认为第29条工作组决定批准亚马逊Web服务提出的数据处理协议是向前方向前进的一步。我很高兴看到AWS强调保护欧洲客户数据。我希望这一决定还有助于推动欧盟云计算领域的进一步创新。“

“对我们而言,像许多公司一样,数据隐私是至关重要的,”Hubert Burda Media首席科学家JP Schmetz说。“我们选择AWS的原因之一是他们非常重视为所有客户维护最高的安全和隐私。这就是为什么我们将关键任务工作负载移动到AWS。“

有关AWS Model Clauses的更多信息,请访问:http://aws.amazon.com/compliancs/eu-data-protection.有关AWS数据保护实践的更多信息,可以在AWS数据保护网页上找到:http://aws.amazon.com/compliance/data-privacy-faq/。AWS Compliance网页上的AWS Compliance网页可以找到完整的合规性认证和AWS维护安全和数据保护的强大控件列表http://aws.amazon.com/compliance/

评论