On 1 August 2014, the International Standards Organisation (ISO) and the International Electrotechnical Commission (IEC) published the first privacy-specific international standard for the cloud: ISO/IEC 27018 "Code of practice for protection of personally identifiable information (PII) in public clouds acting as PII processors". Early adopters Microsoft announced on 16 February 2015 that it was the first company to receive certification for the standard.
The US Department of Commerce’s International Trade Administration (ITA) has provided some clarification regarding how the US-EU Safe Harbor Framework applies to cloud computing.
The ITA does not believe that cloud computing represents an entirely new business model or presents any unique issues for the Safe Harbor. The ITA clarifies that the existing Safe Harbor Privacy Principles are comprehensive and flexible enough to address the issues raised by the cloud computing model.