The EU data protection regulations that were adopted  in April 2016, states that personal data concerning citizens within the  European Union may not be exported outside the EU (European Commission, 2016).

This regulation has some impact on using the cloud. Now  consumers in the EU have to take the new requirements into consideration. That  means that they have to make sure that not only they use sufficient security  measures but also that the processing of the data underlies the new  regulations. Consequently the customer has to make sure that also the provider has  implement the required safety measures. This can be problematic because cloud  providers often are reluctant to share information about their applied safety  measures (Gilbert, 2012).