Saturday, May 11, 2024

Vogon Today

Selected News from the Galaxy

StartMag

Tim and Aruba anti Big Tech USA on the EU cloud certification proposal

4 weeks ago babelfish

Tim and Aruba anti Big Tech USA on the EU cloud certification proposal

Deutsche Telekom, Orange, Airbus and 15 other European companies including Italy's Tim and Aruba have criticized Brussels' proposal to omit data sovereignty requirements from an upcoming cloud security certification scheme. All the details

Protest by 18 European companies against Brussels' proposal for cybersecurity certification for cloud services (Eucs).

This was reported by Reuters, which takes up the joint letter sent by Deutsche Telekom, Orange, Airbus and 15 other companies (including the Italians Tim and Aruba) to the authorities of their countries and to senior Commission officials in which they criticize Brussels' proposal to omit the data sovereignty requirements from the Eucs label.

The draft plan concerns a certification scheme (EUCS) to ensure the cybersecurity of cloud services and help governments and companies in the bloc choose a safe and reliable provider for their business.

As Reuters notes, the new proposal removes so-called sovereignty requirements from an earlier draft that forced US tech giants (such as Google, Amazon and Microsoft) to create a joint venture or cooperate with an EU-based company to store and process customer data in the EU in order to qualify for the highest level of EU Cybersecurity Label.

The plan will be discussed by cybersecurity experts from the 27 EU countries on April 15, which could pave the way for its adoption by the European Commission in the autumn, the news agency reports.

WHAT YOU READ IN THE LETTER FROM EUROPEAN TECH COMPANIES

“The EU must not abandon its overall objective of promoting sovereignty, an objective that is all the more relevant in a context of geopolitical uncertainty,” reads the letter from the 18 companies calling on the bloc's countries to reject this latest certification proposal without sovereignty requirements.

“The inclusion of European and EU HQ control requirements in the main scheme is necessary to mitigate the risk of illegal access to data based on foreign laws,” they said in the letter seen by Reuters .

THE 18 SIGNATORS

Among the signatories of the joint letter are Airbus, the French energy group Edf, the French cloud services provider OVHcloud, the Italians Tim and Aruba, Ionos, Dassault Systemes Germany, Exoscale, the French technology company Capgemini, Eutelsat, A1, Deutsche Telekom , Gigas, OpenNebula Systems, Orange, Proximus, Sopra Steria and StackIT.

TO START FROM THE USA CLOUD ACT AND BEYOND

Without such requirements, European data could be accessible to foreign governments based on their laws such as the US Cloud Act or the Chinese National intelligence law, the signatories warned.

WHAT IS THE USA CLOUD ACT

On March 23, 2018, the United States Congress passed the Clarifying Lawful Overseas Use of Data Act (Cloud Act), a law that updates the legal framework for US law enforcement requests for data held by telecommunications service providers .

The US Cloud Act allows US authorities, law enforcement and intelligence agencies to acquire computer data from cloud computing service operators regardless of where this data is located; therefore even if they are on servers outside the USA.

THE APPEAL OF EUROPEAN COMPANIES

In light of this, European companies have said that the EU cybersecurity label should follow the example of the European cloud computing platform Gaia-X created to reduce the EU's dependence on Silicon Valley giants and which has sovereignty requirements.

Although the certification scheme will be voluntary, it is still intended to guide Member State authorities in making decisions about suppliers. “The lack of sovereignty clauses could also hinder nascent EU cloud service providers compared to their larger US rivals,” the letter further reads.

“Removing these requirements from the system would seriously compromise the viability of sovereign cloud solutions in Europe, many of which are in development or already available on the market,” the European companies concluded.

This is a machine translation from Italian language of a post published on Start Magazine at the URL https://www.startmag.it/innovazione/tim-e-aruba-anti-big-tech-usa-sulla-proposta-ue-di-certificazione-per-il-cloud/ on Fri, 12 Apr 2024 06:15:26 +0000.