- Deutsche Telekom, Airbus and other 15 EU companies have criticised a proposal that would allow Big tech to bid for highly sensitive EU cloud computing contracts.
- The proposal removes the so-called sovereignty requirement from an earlier draft that would have required U.S. tech giants to form joint ventures or partner with EU companies to receive the highest level of the EU’s cybersecurity label.
- Big tech companies are looking to the government cloud market to spur growth, but the EU is concerned about illegal state surveillance and the dominance of U.S. cloud providers.
Criticised proposal removes sovereignty claims
Deutsche Telekom, Orange, Airbus and other 15 EU companies have criticised a proposal that would allow Amazon, Google and Microsoft to bid for highly sensitive EU cloud computing contracts. The draft plan from Belgium, which currently holds the rotating EU presidency, involves a certification scheme (EUCS) to guarantee the cybersecurity of cloud services and help governments and companies in the EU choose secure and trustworthy providers for their businesses.
The proposal removes a so-called sovereignty requirement from an earlier draft that would have required U.S. tech giants to form joint ventures or partner with EU companies to store and process customer data in the EU to receive the highest level of the bloc’s cybersecurity label.
Cyber security experts from the 27 EU countries will discuss Belgium’s plan on April 15, which could pave the way for the European Commission to adopt a cyber security plan in the northern Hemisphere autumn.
Also read: OVHcloud pioneers quantum computer to support Europe
A joint letter addressed to national authorities and officials of EU
In a joint letter to national authorities and senior European Commission officials, Deutsche Telekom, Orange, Airbus and 15 other companies said EU countries should reject the latest proposal without a claim to sovereignty. “The inclusion of EU headquarters and European control requirements in the main scheme is necessary to reduce the risk of illegal data access based on foreign law,” they said.
Without these requirements, they warn, foreign governments could access European data under laws such as the U.S. Cloud Act or China’s National Intelligence Law.
Big tech companies are looking to the lucrative government cloud market to spur growth, while the European Union, on the other hand, is concerned about illegal state surveillance and the dominance of U.S. cloud providers. The EU cybersecurity label should be modeled after Europe’s Gaia-X cloud computing platform, which aims to reduce the bloc’s reliance on Silicon Valley giants and has sovereignty claims, the EU company said.
“Removing these requirements from the program would seriously undermine the viability of sovereign cloud solutions in Europe – many of which are in development or already available in the market,” the companies said.