The EC adopted a strategy to unleash the potential of cloud computing, where it marked data protection legislation as one of the main barriers for the development and expansion of cloud computing in Europe. In light of the EC goal to ensure a stimulating environment for the development of cloud computing in the EU, this paper aims to assess the consequences of the new roles and responsibilities of cloud service providers and the new rights for individuals under the GDPR. The analyses show that, in line with the position of data protection in the EU as a fundamental right, the GDPR considerably raises standards of data protection in cloud computing, which faces EU cloud service providers with a more demanding position than their non-EU competition. Further analysis shows that by promoting privacy enabling technology and by the extraterritorial application of the GDPR, together with the hefty fines for non-compliance, the GDPR provides tools that might force non-EU service providers to adjust their business model to EU standards, thus rebalancing possible market disruption in cloud computing. The paper concludes that the GDPR provides tools that might result in raised standards of data protection globally and in cloud computing in particular.

中文翻译：

---

欧盟数据保护改革：云计算的挑战

欧共体采取了一项释放云计算潜力的战略，该战略将数据保护法规标记为欧洲发展和扩展云计算的主要障碍之一。鉴于EC的目标是确保为欧盟的云计算发展提供一个令人兴奋的环境，因此本文旨在评估云服务提供商的新角色和职责以及GDPR下个人的新权利的后果。分析表明，与数据保护在欧盟中的基本权利相一致，GDPR大大提高了云计算中的数据保护标准，而与非欧盟竞争者相比，欧盟云服务提供商面临着更高要求的地位。进一步的分析表明，通过促进隐私保护技术和GDPR的域外应用，以及对违规行为的巨额罚款，GDPR提供了可能迫使非欧盟服务提供商将其商业模式调整为符合欧盟标准的工具，因此重新平衡云计算中可能出现的市场混乱。本文得出的结论是，GDPR提供的工具可能会导致提高全球数据保护标准，尤其是在云计算方面。