International data protection with EU-entities of US-headquartered IaaS providers
The General Data Protection Regulation (GDPR), a legal mandate across the EU, requires enhanced protection for EU personal data transferred to countries with inadequate levels of data protection safeguards—including the US. The EU-US Privacy Shield, which was in place until 2020, facilitated these protections but was invalidated by the Schrems II ruling as a result of US surveillance concerns.