Infosec In Brief Switzerland’s Conference of Data Protection Officers, Privatim, last week issued a resolution calling on Swiss public bodies to avoid using hyperscale clouds and SaaS services due to security concerns.

“Most SaaS solutions do not yet offer true end-to-end encryption that would prevent the provider from accessing plaintext data,” the resolution states. Privatim therefore thinks SaaS or hyperscale clouds – especially those subject to the US CLOUD Act – are not appropriate places for Swiss government agencies to place “particularly sensitive personal data or data subject to a legal obligation of confidentiality.”

The resolution also points out that cloud and SaaS service providers can unilaterally amend their terms and conditions, potentially eroding security and privacy pr

See Full Page