This chapter draws on qualitative interviews, documentary analysis, and observation data to analyze how European data protection authorities (“EU DPAs”) exercise one of their statutory enforcement powers, namely, investigations to determine the compliance of cloud providers with the relevant data protection laws. The empirical analysis presented in this chapter supports two arguments. Firstly, the investigations of cloud providers by EU DPAs (“Cloud Investigations”) are complex regulatory processes that often involve different co-operative relationships between various actors, such as DPAs. In reality, manifold interactions and practices, such as facilitative instruments, are deployed to form and perform such collaborations which are vital in ensuring the consistent application and enforcement of common data protection principles in an increasingly globalized context. Secondly, Cloud Investigations are also dynamic as they can involve continually evolving regulatory enforcement styles and compliance attitudes. Providers of cloud services can often resist the attempts of the EU DPAs to direct the investigative process in specific ways. How such resistance is resolved is very much context-dependent.
You are not authenticated to view the full text of this chapter or article.
Get access to the full article by using one of the access options below.