EU cybersecurity label should not discriminate against Big Tech, European groups say

FILE PHOTO: 3D printed clouds and figurines are seen in front of the Google Cloud service logo in this illustration taken February 8, 2022. REUTERS/Dado Ruvic/Illustration/File photo

BRUSSELS (Reuters) - A proposed cybersecurity certification scheme (EUCS) for cloud services should not discriminate against Amazon, Alphabet's Google and Microsoft, 26 industry groups across Europe warned on Monday.

The European Commission, EU cybersecurity agency ENISA and EU countries will meet on Tuesday to discuss the scheme which has undergone several changes since ENISA unveiled a draft in 2020.

The EUCS aims to help governments and companies pick a secure and trusted vendor for their cloud computing business. The global cloud computing industry generate billions of euros in yearly revenue, with double-digit growth expected.

A March version scrapped so-called sovereignty requirements from a previous proposal, which required U.S. tech giants to set up a joint venture or cooperate with an EU-based company to store and process customer data in the bloc in order to qualify for the highest level of the EU cybersecurity label.

"We believe that an inclusive and non-discriminatory EUCS that supports the free movement of cloud services in Europe will help our members prosper at home and abroad, contribute to Europe's digital ambitions, and strengthen its resilience and security," the groups said in a joint letter to EU countries.

"The removal of both ownership controls and Protection against Unlawful Access (PUA) / Immunity to Non-EU Law (INL) requirements ensures that cloud security improvements align with industry best practices and non-discriminatory principles," they said.

The groups said it was crucial that their members have access to a diverse range of resilient cloud technologies tailored to their specific needs to thrive in an increasingly competitive global market.

Signatories to the letter include the American Chamber of Commerce to the EU in the Czech Republic, Estonia, Finland, Italy, Norway, Romania and Spain, and the European Payment Institutions Federation.

Others which signed the letter include the Czech Confederation of Industry, Denmark's Dansk Industry, Germany's Bundesverband deutscher Banken, the Digital Poland Association, Irish business lobby group IBEC, the Netherlands' NL Digital and the Spanish Start-up Association.

EU cloud vendors such as such as Deutsche Telekom, Orange and Airbus have pushed for sovereignty requirements in the EUCS on fears that non-EU governments may get unlawful access to Europeans' data on the basis of their laws.

(Reporting by Foo Yun Chee; Editing by Richard Chang)

Follow us on our official WhatsApp channel for breaking news alerts and key updates!


Next In Tech News

UK and India launch technology security initiative
Lyft officials settle lawsuit over sexual assaults by drivers
AT&T beats estimates for subscriber additions on demand for higher-priced plans
OneStream's shares rise nearly 30% in market debut
Google's Vertex AI to use Mistral AI's Codestral
UK data watchdog blocks naming of banks which lost COVID loan guarantees
Sequoia Capital-backed Vanta raises funding at $2.45 billion valuation
Microsoft aims to boost AI workload capacity with Lumen partnership
Meta removes 63,000 Instagram accounts in Nigeria over 'sextortion' scams
Alphabet falls as margin fears, YouTube slowdown eclipse AI boost

Others Also Read