EU Cybersecurity Certification Program Controversy: Sovereignty vs. Openness
April 12, 20244 min read 分钟阅读
Share
Source: [Finance Intelligence]
The debate within the EU over the cybersecurity certification program has escalated once again, with 15 EU companies including Deutsche Telekom, France Telecom, and Airbus jointly boycotting a proposal that would allow unrestricted access to EU cloud data by US tech giants like Microsoft, Amazon, and Google. This event has once again brought to the forefront the internal divisions within the EU on cybersecurity issues and added new variables to the market access of global tech giants.
EU Cloud Service Certification Program (EUCS): Fortifying Security or Erecting Trade Barriers?
The EU Cloud Service Certification Program (EUCS) aims to enhance the overall cybersecurity level of the EU by establishing unified certification standards to help EU governments and businesses select secure and trustworthy cloud service providers. However, the program has been embroiled in a fierce struggle between sovereignty demands and market openness from the outset.
Sovereignty Demands: Safeguarding Data Security or Erecting Trade Barriers?
Some EU member states advocate for stringent sovereignty demands in the EUCS, requiring US tech giants to store EU customer data within the EU borders and comply with EU data protection regulations to obtain the highest level of security certification. They believe this can effectively reduce the risk of EU data being illegally accessed by the US government or other third parties.
However, this demand has faced strong opposition from the US government and tech giants. They argue that sovereignty demands are overly burdensome, increase operating costs for businesses, and hinder innovation and development in the EU cloud services market. Additionally, the US contends that the EU’s approach violates relevant rules of the World Trade Organization.
Belgium’s Compromise Solution: Can it Resolve Differences?
In an attempt to break the deadlock, Belgium proposed to separate sovereignty demands from functional requirements, namely:
Functional security requirements to be unifiedly certified by the EU
Sovereignty declarations to be self-declared by companies in the International Company Profile Declaration (ICPA) and applicable only to the highest level of certification
This proposal seeks to strike a balance between EU data security and market openness, but it has yet to gain the approval of all EU member states.
Joint Boycott by EU Companies Including Deutsche Telekom: Upholding Sovereignty or Protecting Competition?
Deutsche Telekom, France Telecom, Airbus, and 15 other EU companies have jointly called on EU countries to reject the latest proposal lacking sovereignty demands. They believe sovereignty demands are necessary because they can:
Mitigate the risk of illegal data access based on foreign laws
Emulate Europe’s Gaia-X cloud computing platform, reducing dependence on Silicon Valley giants
Assist EU startup cloud providers in competing with American counterparts
The European Commission will make a final decision in the autumn of the Northern Hemisphere. The outcome will have a significant impact on the EU’s digital economy.
Key Takeaways:
The controversy surrounding the EU cybersecurity certification program highlights the internal divisions within the EU on cybersecurity issues:
Some countries aim to protect their own data security and advocate for strict sovereignty demands
Others prioritize market openness and competition
The ultimate balance between sovereignty and openness remains to be seen. This game not only affects the EU’s own cybersecurity landscape but may also have far-reaching implications for the global market positioning of tech giants.
The technological landscape is evolving at an unprecedented rate, marking a new era of innovation and digital transformation. In 2024, staying abreast of emerging technology trends is not just advisable; it’s imperative for professionals aiming to remain relevant in a rapidly changing world. Here are key trends that are shaping the future and tips on …
Sumsub’s latest identity fraud report reveals a 121% rise in APAC identity fraud and a 194% surge in deepfake incidents. Explore the growing FaaS threat and strategies to combat digital fraud challenges.
In a significant cybersecurity incident in 2023, Microsoft’s Exchange Online email service was compromised, affecting the accounts of 22 organizations and hundreds of individuals. Among the victims were high-ranking US government officials, including Commerce Secretary Gina Raimondo and US Ambassador to China Nicholas Burns. The breach was traced back to “Storm-0558”, a hacking group with …
EU Cybersecurity Certification Program Controversy: Sovereignty vs. Openness
Source: [Finance Intelligence]
The debate within the EU over the cybersecurity certification program has escalated once again, with 15 EU companies including Deutsche Telekom, France Telecom, and Airbus jointly boycotting a proposal that would allow unrestricted access to EU cloud data by US tech giants like Microsoft, Amazon, and Google. This event has once again brought to the forefront the internal divisions within the EU on cybersecurity issues and added new variables to the market access of global tech giants.
EU Cloud Service Certification Program (EUCS): Fortifying Security or Erecting Trade Barriers?
The EU Cloud Service Certification Program (EUCS) aims to enhance the overall cybersecurity level of the EU by establishing unified certification standards to help EU governments and businesses select secure and trustworthy cloud service providers. However, the program has been embroiled in a fierce struggle between sovereignty demands and market openness from the outset.
Sovereignty Demands: Safeguarding Data Security or Erecting Trade Barriers?
Some EU member states advocate for stringent sovereignty demands in the EUCS, requiring US tech giants to store EU customer data within the EU borders and comply with EU data protection regulations to obtain the highest level of security certification. They believe this can effectively reduce the risk of EU data being illegally accessed by the US government or other third parties.
However, this demand has faced strong opposition from the US government and tech giants. They argue that sovereignty demands are overly burdensome, increase operating costs for businesses, and hinder innovation and development in the EU cloud services market. Additionally, the US contends that the EU’s approach violates relevant rules of the World Trade Organization.
Belgium’s Compromise Solution: Can it Resolve Differences?
In an attempt to break the deadlock, Belgium proposed to separate sovereignty demands from functional requirements, namely:
This proposal seeks to strike a balance between EU data security and market openness, but it has yet to gain the approval of all EU member states.
Joint Boycott by EU Companies Including Deutsche Telekom: Upholding Sovereignty or Protecting Competition?
Deutsche Telekom, France Telecom, Airbus, and 15 other EU companies have jointly called on EU countries to reject the latest proposal lacking sovereignty demands. They believe sovereignty demands are necessary because they can:
The European Commission will make a final decision in the autumn of the Northern Hemisphere. The outcome will have a significant impact on the EU’s digital economy.
Key Takeaways:
The controversy surrounding the EU cybersecurity certification program highlights the internal divisions within the EU on cybersecurity issues:
The ultimate balance between sovereignty and openness remains to be seen. This game not only affects the EU’s own cybersecurity landscape but may also have far-reaching implications for the global market positioning of tech giants.
Related Posts
Navigating the Future: Top Technology Trends to Watch in 2024
The technological landscape is evolving at an unprecedented rate, marking a new era of innovation and digital transformation. In 2024, staying abreast of emerging technology trends is not just advisable; it’s imperative for professionals aiming to remain relevant in a rapidly changing world. Here are key trends that are shaping the future and tips on …
Identity Fraud on the Rise: Insights from Sumsub’s Annual Fraud Report
Sumsub’s latest identity fraud report reveals a 121% rise in APAC identity fraud and a 194% surge in deepfake incidents. Explore the growing FaaS threat and strategies to combat digital fraud challenges.
Microsoft Exchange Hit by Major Security Breach: “Storm-0558” Hacker Group Exploits Vulnerability, Compromising US Government Officials’ Accounts
In a significant cybersecurity incident in 2023, Microsoft’s Exchange Online email service was compromised, affecting the accounts of 22 organizations and hundreds of individuals. Among the victims were high-ranking US government officials, including Commerce Secretary Gina Raimondo and US Ambassador to China Nicholas Burns. The breach was traced back to “Storm-0558”, a hacking group with …