The Cloud Security Alliance (CSA) has been busy. The non-profit organization that focuses on cloud security best practices has launched a Privacy Level Agreement (PLA) Working Group in the EU. The group also announced a new partnership with the Hong Kong Applied Science and Technology Research Institute (ASTRI) to help build cloud computing security and cloud capabilities that will will help speed the development of the cloud ecosystem in Hong Kong.

The new working group define best practices and compliance baselines for data protection. They are also working to establish standards for communicating of privacy measures while hosting third-party data. Daniele Catteddu, managing director EMEA for CSA said,

The PLA Working Group, which consists of independent privacy and data experts, is tasked with defining a compliance baselines for data protection legislation and establish best practices for defining a standard for communicating the level of privacy measures such as data protection and data security that it agrees to maintain while hosting third-party data.

“The goal of this Working Group is to create a structure for privacy disclosures that will provide both cloud providers and their customers with an objective and comparable way by which to communicate their personal data handling practices.”

In addition to forming the new working group, the CSA, which is based in Singapore, revealed it has partnered with ASTRI to collaborate on applied cloud security research. The newly formed team hopes to  integrate industry and academia’s efforts into a joint framework that fosters cloud computing initiatives in Hong Kong and the greater China region.

At the end of August, CSA revealed it was collaborated with Fujitsu Laboratories of America, a communication technology specialist to launch the Big Data Working Group (BDWG).  The new group will work to define best practices for security and privacy in big data, help industry and governments with adoption of best practices, establish liaisons with other organizations  to coordinate the development of big data security and privacy standards and help accelerate the adoption of research that addresses security and privacy issues. The group will be co-chaired by representatives from Fujitsu, eBay and Verizon.

It’s important that groups like CSA exist to establish vendor neutral cloud standards. Efforts like OpenStack are attracting lots of attention, but true cloud standards have yet to materialize. Standards may not be as sexy as discussing the latest and greatest cloud offering, but they are essential for avoiding vendor and platform lock-in. Hopefully, the new CSA initiatives will take shape and push cloud maturity forward.