With the entry into force of the so-called “CLOUD Act”, in future, international companies with head offices in the United States could be obliged by local laws to disclose data. “The extent to which the law is compatible with the European General Data Protection Regulation must now be clarified”, demands Oliver Süme, Chair of the Board at eco. “The United States also has a duty to comply with international law. Access to data can only be requested on the basis of international agreements. This is also stated in the EU's General Data Protection Regulation, which will apply in all EU Member States from 25 May”, continues Süme. It is now imperative that, as part of new agreements with the USA and other states, the European Union advocates for controlled procedures which comply in particular with the General Data Protection Regulation and the Privacy Shield. “European and European-based international companies urgently need legal certainty in the handling of data and access by third parties. This also applies to the cloud providers with a presence in Europe”, emphasizes Süme.