CTOLCTOL Solutions
EnglishDeutschSchwiizerdütsch (Coming Soon)FrançaisItaliano (Coming Soon)Español (Coming Soon)日本語 (Coming Soon)한국인简体中文繁體中文 (Coming Soon) (Coming Soon)اللغة العربية
News
Services CIO/CTO AdvisoryCloud ComputingDigital Marketing and SalesData Science and Business IntelligenceGenerative AI for BusinessWeb3 and Defi for EnterpriseWeb and Mobile Apps DevelopmentDigital Business ConsultancyLegacy App ModernizationWeb Design and User Experience
Industries Aerospace and DefenseAutomotiveBankingCapital MarketsCommunications and MediaConsumer Goods and ServicesEnergyHealth and Health CareInternetManufacturingInsurancePublic & Social SectorRetailTravelTelecommunicationsPharmaPrivate Equity & venture CapitalEducationOil and GasReal EstateConstruction and Building MaterialLegal ServicesGastronomy and Hospitality
InsightsSoftwareAI Tools
Contact Us
EU Industry Groups Caution Against EUCS Discrimination

EU Industry Groups Caution Against EUCS Discrimination

By
Louis Mayer
2 min read
InternetLegal Servicesbusiness

Major Industry Groups in Europe Caution Against Discrimination in EU Cybersecurity Certification Scheme (EUCS)

A coalition of 26 industry groups in Europe has raised concerns over the potential discrimination against major cloud service providers such as Google, Microsoft, and Amazon within the EU Cybersecurity Certification Scheme (EUCS). They are advocating for a non-discriminatory approach to ensure a diverse range of cloud providers remains accessible to European organizations.

Significantly, the sovereignty requirements, previously compelling US companies to form joint ventures within the EU for data storage and processing, were removed from the EUCS in March 2024. This move marks a substantial shift from the regulations initially designed in 2020 to safeguard the data of EU citizens to the same standards, even when processed outside the EU.

The coalition's joint letter emphasizes the necessity of an inclusive EUCS to support European digital ambitions and enhance security and resilience. However, opposition from certain EU cloud providers, including Deutsche Telekom, Airbus, and Orange, arises from concerns about potential data breaches by non-EU countries operating under their own laws.

This debate highlights the delicate balance between regulatory compliance and market competition in the rapidly growing cloud market.

Key Takeaways

  • Coalition of 26 industry groups warns against discrimination of major cloud service providers in EUCS.
  • EUCS has relaxed sovereignty requirements, which previously mandated US companies to form joint ventures within the EU.
  • Inclusive EUCS advocated to support European digital ambitions and enhance security and resilience.
  • Certain EU cloud providers oppose the removal of sovereignty requirements, fearing potential data breaches.

Analysis

The relaxation of sovereignty requirements within the EUCS has triggered a debate over data security and market access in Europe's expanding cloud sector. While this change may stimulate competition and market growth by easing entry for major non-EU providers, it also raises concerns about potential data breaches and compromised data sovereignty for EU-based providers.

The shift toward an inclusive EUCS could lead to increased market diversity and innovation in the short-term. However, it also raises long-term concerns about potential regulatory conflicts and heightened cybersecurity risks, emphasizing the importance of balancing market competition with stringent data protection for the EU's digital strategy.

Did You Know?

  • EU Cybersecurity Certification Scheme (EUCS): A regulatory framework established by the European Union to ensure high standards of data security for cloud services used by EU citizens, regardless of where the data is processed or stored. It aims to harmonize cybersecurity standards across EU member states and protect against cyber threats.
  • Sovereignty Requirements: These regulations mandate that data generated within the EU must be stored and processed within the jurisdiction or under specific conditions that ensure the data's security and privacy according to local laws.
  • Joint Ventures within the EU: The requirement for non-EU companies, such as US tech giants, to partner with EU-based companies for the storage and processing of EU data. The removal of this requirement from the EUCS has been a contentious issue among EU cloud providers.

You May Also Like

This article is submitted by our user under the News Submission Rules and Guidelines. The cover photo is computer generated art for illustrative purposes only; not indicative of factual content. If you believe this article infringes upon copyright rights, please do not hesitate to report it by sending an email to us. Your vigilance and cooperation are invaluable in helping us maintain a respectful and legally compliant community.

Subscribe to our Newsletter

Get the latest in enterprise business and tech with exclusive peeks at our new offerings