iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
The European Union (EU) has abandoned regulations that would require cloud providers to be independent of non-EU legislation in its latest cyber security certification scheme draft.
For some time now, the EU has sought to develop a cyber security certification scheme to regulate the cyber security standards of cloud services and assist EU governments and organisations in choosing reliable and secure cloud vendors.
Concerns with foreign illegal espionage and the dominance of US tech organisations and cloud providers led the EU to mandate that US cloud giants like Google, Microsoft and Amazon partner with EU-based companies for the storage and processing of customer data to ensure the data remained within the EU.
However, organisations both within the EU and outside of it, such as banks and start-ups, criticised the “sovereignty requirements”, saying that the scheme should focus less on political considerations and more on technical cyber security measures.
This has led to an updated draft being published on 22 March, in which the requirement for sovereignty requirements was retracted.
Now, these cloud giants will no longer need to establish joint ventures with EU organisations but only provide information outlining where EU data is being stored and processed, a move that is set to make it easier for these organisations to compete for EU cloud computing contracts.
The draft is still under review by the EU, following which the EU Commission will finalise a cyber secure a final cyber security certification scheme.
Be the first to hear the latest developments in the cyber industry.
