EU sovereignty plan accused of helping US cloud giants Europe's efforts to reduce reliance on US hyperscalers is under fire from many of the local cloud providers it is designed to help. CISPE (Cloud Infrastructure Service Providers in Europe), a trade association of 38 of the region's cloud providers has issued a withering criticism of the official EU Cloud Sovereignty Framework …
The European Union was a nice idea, full of hope for the future of peoples and messages of peace.
The the bureaucrates took over, the lobbyists found a way in, and now Brussels is just a shell of what it should have been.
Tear that house down. We'll be better off on our own.
@Pascal Monett
"The European Union was a nice idea, full of hope for the future of peoples and messages of peace."
I think it was a nice dream. As an idea you can think it through and see the inevitable power grab of the bureaucracy. Its kinda like how communism can be a nice dream but in the real world always devolves into the same bureaucratic authoritarianism. Had they been a very limited collaborative body for member governments to meet it may have been better. Instead it wanted to poorly emulate the US and pretend it is a country.
The US expect to control US companies globally and any companies on US soil.
The EU expect to control EU companies globally and any companies on EU soil.
These two things cannot both happen. You have to accept a compromise.
The EU can 'take back control' if they want, but they would have to ban EU companies from operating outside the EU, and foreign companies from operating within the EU.
So come to some sort of agreement with your trading partners or seal your borders and go the full North Korean.
I'm no lawyer, and I'm probably missing something, but surely the answer to the question of sovereignty is relatively simple:
"Can you be compelled, either with or without a court order, to provide data held on your systems to a non-EU government or representative thereof"
If the answer is anything other than a resounding "No", then you do not have sovereignty
Unfortunately it's not that simple. "Your systems" is the tricky part. Companies use a number of external providers for storing customer information and that's hard to say yes to.
And then there's the issue of global infrastructure: do you have a global CDN? If yes then you probably need presence in many external countries.
But it gets better: if you have a global CDN and the government just doesn't use it, you still have presence in other countries or use an external provider, so you need to abide by their laws. And how do you provide 24x7 engineering support without an office outside of the EU whose employees have access to the systems?
Things would potentially work if a certain company was dedicated to serving the EU government sector and didn't have any other customers. But in reality that's not the case and things get tricky. If anything, it's an uphill legal battle at global scale and small companies can't afford to fight it. That's the ugly truth.
Any new EU regulation is a regulatory monster. The only way to comply is to have an army of lawyers that can scrutinize it and tooling that allows you to be compliant. That's on top of what your offering. That's hard to do and small companies are being excluded with every new complex piece of regulation. That's the unfortunate reality.
Unless the laws are simplified (but not necessarily relaxed), small companies will be less and less able to be cloud providers for EU governments.
Something sensible is proposed, it gets thrown in the grinder of a EU decision process and out comes something else.
It usually keeps the headline but if you read the fine print it more often than not undermines or reverts the original idea.
That happened so often that I'm not sure if sheer incompetence or something more sinister is involved. But you can almost be assured that it will hurt the continent in some major way.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2025
