Urgent letter CIO Platform Nederland to the DPA’s to test software together

Urgent letter CIO Platform Nederland to the DPA’s to test software together

2019-09-23 Brandbrief AP.jpgTuesday 24 September 2019

Today CIO Platform Nederland has sent a letter to the board of Autoriteit Persoonsgegevens (AP, Dutch DPA) the Dutch Data Protection Authority. In it we call on AP to set up a program together with the other European DPA’s that should lead to better compliance of commonly used software products, services and the associated conditions with the General Data Protection Regulation (GDPR).

The reason for this is the case* of Strategisch Leveranciersmanagement Rijk (Strategic Vendor Management for the central government – SLM Rijk) with regard to Microsoft, about which information has regularly been shared. This case shows that the time and costs involved in getting just a handful of Microsoft products, services and agreements to comply with GDPR are huge. When that experience is extended to all vendors, their products, services and agreements and to all customers (who are often held responsible by GDPR), then it is unaffordable and next to impossible to be compliant with GDPR.

In the interests of users, vendors, DPA’s and the individuals whose data are processed, it is desirable that testing and adaptations are done once only and done right for the whole of Europe. That requires joint action by the DPA’s united in the European Data Protection Board.

*See also: Tweede Kamer (Dutch Parliament), 2018-2019, 26 643, nrs. 585 and 622. See also: https://www.rijksoverheid.nl/documenten/publicaties/2018/11/12/strategisch-leveranciersmanagement-microsoft-rijk-slm-microsoft

Please find the letter here (for CIO Platform Nederland members only, behind login)

« Back

More news

CIOTV #75 What about the maturity of digital transformations? With Martijn Koning and Arthur Govaert

ciotv 75 martijn en arthurMonday 04 July 2022 In this special seventy-fifth episode of CIOTV, current chairman Martijn Koning (Chief Digital & Sustainability Officer AutoBinck Group) and former chairman Arthur Govaert (VP Innovation Program ... full story

Fair Principle 3: Customers shall remain in control of their own data and all the data uploaded or processed by the service/solution.

Fair Principle 3Thursday 30 June 2022 Business users associations Beltug, Voice, Cigref and CIO Platform Nederland call for a balanced cloud market: 11 fair principles to unleash Europe’s digital potential. Fair principle 3 calls for customers to remain in control of their own data and all the data uploaded or processed by the service/solution. full story

Fair Principle 2: Vendors must not create a technical or commercial lock-in

Fair Principles 2Thursday 23 June 2022 Business users associations Beltug, Voice, Cigref and CIO Platform Nederland call for a balanced cloud market: 11 fair principles to unleash Europe’s digital potential. Fair principle 2 calls for every vendor to avoid creating a technical or commercial lock-in. full story

Urgent call to European Commission regarding the European Cybersecurity Certification Scheme for Cloud Services (EUCS)

2021-05-18 Terugkoppeling gesprek met Europese Commissie over digitale technologiebeleid.pngWednesday 22 June 2022 CIO Platform Nederland calls on the European Commission not to adopt the EUCS until the consequences for business users in industry and government in Europe have been thoroughly investigated, a consultation of stakeholders has taken place and the responsible political bodies have weighed up the digital autonomy, costs and benefits of a decision. full story

View all news items through the archive

Close