What is GDPR?
On the 25th of May 2018, the GDPR was enforced, a significant reform in Europe's digital privacy laws. The GDPR can be considered as the world's most robust law on data protection. The General Data Protection Regulation specifies the data privacy regulation and protection in the European Union (EU) and the European Economic Area (EEA). The provisions of the GDPR are consistent across all 28 EU member states. This means every organization worldwide that has a business in the European Union or handles EU residents' data (even if you aren't based in the EU) should be GDPR compliant. At the heart of GDPR is personal data privacy and protection.
GDPR + Cloud
Any business in the world, irrespective of their location, should be GDPR compliant if they store or deal with EU residents' personal data. This data can be as obvious as a person's name or location data or something less apparent like an IP address and cookie identifiers. Safeguarding customers' personal data and showing that you adhere to laws such as GDPR proves to customers and partners that you care about their data. When using Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform (GCP), as a customer, you are responsible for configuring and using cloud services in a way that complies with the applicable directives contained within GDPR. Failure to comply with GDPR results in hefty fines and lawsuits.