back to article Oracle planning sovereign cloud regions for the EU

Oracle plans to launch new sovereign cloud regions for the European Union next year to ease any concerns about hosting data and applications that are sensitive, regulated, or of strategic regional importance. The 27 members of the European Union operate under harmonized data protection laws characterized by the General Data …

  1. Anonymous Coward
    Anonymous Coward

    Sovereign?

    Should we mention the US CLOUD Act?

    Or Schrems II?

  2. Duncan Macdonald
    Stop

    Meaningless

    With the US CLOUD Act, any system the is under the direct or indirect control of a US based company can be probed by the US government.

    For an EU firm to comply with the GDPR they cannot store personal information in any system that is subject to the US CLOUD Act.

    Any words that Oracle says to the contrary are ignoring reality to the same extent as Flat Earthers.

    1. Anonymous Coward
      Anonymous Coward

      Re: Meaningless

      Not totally true. Oracle can staff a local subsidiary wholly with local, single nationality staff only, who have to obey local laws, and follow an employment contract that spells this out.

      They will be obligated to tell the US to piss off, and likewise to refuse any contrary direction from the companies owners (Oracle US), who are US citizens and subject to such orders. Everyone gets to obey the laws they are subject to, and your data is only subject to your jurisdiction.

      This should be the norm.

      1. Duncan Macdonald

        Re: Meaningless

        However Oracle Corp can be required to provide access from the US or see senior staff facing jail time - the local staff would soon be replaced.

    2. Anonymous Coward
      Anonymous Coward

      Re: Meaningless

      > For an EU firm to comply with the GDPR they cannot store personal information in any system that is subject to the US CLOUD Act.

      In reality, that is only part of the problem. Schrems II spells out the other part in great detail, but it boils down to violating the right to effective recourse in front of a legally constituted tribunal. In essence, this is because of the relevant US spying "laws" being in reality executive orders, which are not justiciable acts.

      In other words: as a non US citizen, if the NSA gets hold of your data, as they do, there is no court that you can go to to protect your rights (forgive the simplification).

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like