Digital Policy Alert logo

France: Published updated SecNumCloud repository of requirements for cloud service providers

Go to policy change overview
Share

Compare with different regulatory event:

Description

Published updated SecNumCloud repository of requirements for cloud service providers

On 8 March 2022, the National Cybersecurity Agency of France (ANSSI) published an updated “SecNumCloud” (SecNumCloud 3.2) repository of requirements for cloud service providers. The new version of SecNumCloud complies with European requirements related to the Court of Justice of the European Union’s “Schrems II” ruling. It also clarifies protection criteria regarding extra-European laws to ensure that the cloud service provider and the data it processes cannot be subject to non-European laws.

Original source

Scope

Policy Area
Public procurement
Policy Instrument
Public procurement access
Regulated Economic Activity
infrastructure provider: cloud computing, storage and databases
Implementation Level
national
Government Branch
executive
Government Body
other regulatory body

Complete timeline of this policy change

Hide details
2021-05-17
adopted

As part of its National Cloud Strategy, the French government announced a new "cloud de confiance" …

2022-03-08
adopted

On 8 March 2022, the National Cybersecurity Agency of France (ANSSI) published an updated “SecNumCl…