Cloud service providers seeking contracts within the EU will face less stringent sovereignty rules than previously anticipated. Europe appears to be removing a requirement that providers be independent of laws and regulations outside the EU.
Large cloud providers such as AWS, Microsoft and Google could potentially find it easier to secure cloud contracts as a result. A proposed rule requiring them to prove they are not subject to laws and regulations outside the EU will be removed, writes Reuters, based on insight from a relevant document.
Instead of very far-reaching measures, under the new March 22 version, cloud providers will only have to provide information on where their customers’ data is stored and processed. In addition, they must indicate which (EU) laws apply to this data.
EU security measures for cloud providers
The EU has long been working on the cybersecurity certification scheme (EUCS) to establish the sovereignty of cloud services within the EU. These regulations should help governments and businesses in individual member states select a secure and reliable cloud service provider.
With these cloud service sovereignty regulations, the EU wants to prevent easy spying by countries. Moreover, some unnamed member states fear that the dominance of mainly U.S. cloud providers could hinder the emergence of European alternatives.
A draft version of the new laws and regulations would, therefore, have proposed that U.S. cloud providers enter into a joint venture with a European provider to provide services to EU governments and companies. Also, data storage and processing would have to occur within the EU to obtain the sovereignty label.
Criticism of European companies
The proposed sovereignty requirements received much criticism from European companies, especially from the banking and insurance sectors and tech startups. According to these companies, it is more important that technical measures regulate the security of cloud services than political and sovereignty measures. So, this criticism now seems to have taken effect.
Read also: EU investigating Google, Apple and Meta for Digital Markets Act violations
This post was originally published on the 3rd party site mentioned in the title of this this site