Connect with us

Hi, what are you looking for?

Technology

Big Tech cries foul over EU cloud-security label

Tech lobbyists in Brussels are calling for the European Union to reconsider its plans to force major cloud providers like Microsoft, Amazon and Google to abide by a new cybersecurity label aimed at blocking U.S. snooping in Europe.

Officials at the EU’s Cybersecurity Agency (ENISA) are finalizing a certification scheme for cloud companies to prove they abide by high cybersecurity standards. But the draft requirements to obtain the label, first reported by POLITICO in April, could also force U.S. cloud giants to disavow Washington’s data-access laws, restructure their operations and even cut off foreign investors from decision-making.

Four major lobby groups — ITI, CCIA Europe, BSA and Amcham EU, all of which have American cloud giants as key members — on Tuesday released a statement saying requirements aimed at boosting Europe’s sovereignty over the cloud sector “are politically motivated, will create complex legal compliance procedures and will not add to increased levels of cybersecurity.”

“The potential inclusion of ‘digital sovereignty’ provisions that would require the maintenance, operations of the cloud service and data to be solely located within the EU, would limit cloud service providers’ eligibility for the highest level” of the cybersecurity certification scheme, the statement said.

The European tech association DigitalEurope is also drafting a letter expressing concerns about the scheme, which it plans to send to national governments later this week.

“The consequences of having the wrong scheme on our future economic growth, and for our very security, would be disastrous,” DigitalEurope’s Director General Cecilia Bonefeld-Dahl said, adding the label was being developed through “a very opaque process … with specific players and individual member states pushing their own agenda under the guise of ‘sovereignty.'”

The cloud-security label is one of Europe’s first cybersecurity schemes designed by officials at ENISA. It aims to nudge cloud providers to increase their cybersecurity policies to obtain an official stamp of approval by European authorities.

The EU initiative follows work in France on a label called the SecNumCloud and is developed by an “ad hoc working group” at ENISA that includes officials from companies like SAP, Deutsche Telekom’s T-Systems, Cisco, Amazon and others.

In addition to technical measures required to get the stamp of approval, the working group is also considering measures to give European courts jurisdiction over disputes, list “residual risks related to non-EU laws with extraterritorial application” and indicate in contracts that data will fall under EU law. It could even propose that non-EU investors in cloud service providers shouldn’t be allowed “control” over the services.

The cloud label has pitted two groups of European countries against each other.

On one side, major powers France, Germany, Italy and Spain sent around a joint nonpaper earlier in favor of including immunity requirements in the scheme to stop U.S. snooping on cloud data. The group is being led by Paris, where officials have railed against American extraterritorial data laws like the U.S. CLOUD Act for years.

On the other side, Ireland, Sweden and the Netherlands pushed back on the sovereignty requirements in an earlier letter obtained by POLITICO, arguing they don’t belong in a cybersecurity certification scheme.

ENISA did not immediately respond to a request for comment. The agency previously said the requirements were still under discussion and added the sovereignty requirements would apply only to cloud services that want proof of the highest level of cybersecurity in cloud services, and that a final scheme would need formal approval from EU institutions before entering into force.

This article is part of POLITICO Pro

The one-stop-shop solution for policy professionals fusing the depth of POLITICO journalism with the power of technology


Exclusive, breaking scoops and insights


Customized policy intelligence platform


A high-level public affairs network

Click to comment

Leave a Reply

Your email address will not be published.

You May Also Like

Europe

Salah Abdeslam, the only surviving member of the group that carried out the November 2015 Paris terror attacks, was found guilty of murder Wednesday and...

Europe

FRANKFURT – German inflation eased to 8.2 percent in June from 8.7 percent in May, data released by the German statistics office showed Wednesday. Analysts...

Foreign Policy

MADRID — Italy “will be supplying” Ukraine with heavy weapons “similar” to the howitzers that Germany and the Netherlands are sending to the country,...

Europe

PARIS — A French appeals court on Wednesday rejected Italy’s request to extradite 10 far-left terrorists exiled in France for decades for their involvement...

Europe

Nearly half of Northern Ireland voters trust the European Union to represent their post-Brexit interests — and almost none of them trusts the British...

Europe

MADRID — NATO leaders meeting in Madrid adopted a new strategic blueprint on Wednesday bluntly branding Russia as “the most significant and direct threat to...

Europe

Spain’s Prime Minister Pedro Sánchez “was not aware” of all the information and hadn’t seen the images of chaos in Melilla when he praised...

Europe

MADRID — Russia’s reaction so far has been “rather mild” to Sweden getting the green light to join NATO, Swedish Prime Minister Magdalena Andersson said...