EU says foreign cloud providers will no longer need a local joint venture to qualify for its cybersecurity label

Now, draft cybersecurity labelling rules look to have dropped the requirement that vendors are independent from non-EU laws, Reuters reports.

EU cloud computing change

The scheme aimed at assisting governments and companies within the Union in selecting secure and trustworthy vendors for their operations. Companies headquartered outside the EU had already started initiating joint ventures within the EU to circumvent the restriction.

The move comes as tech giants shift their interest toward lucrative government deals, however the EU remains concerned about potentially illegal surveillance and many countries continue to worry that the dominance of US cloud companies could hinder emerging EU competitors. In fact, that’s been the subject of a major antitrust case on the continent in recent months, particularly involving Microsoft.

Previously, the draft required US tech giants to establish a joint venture with an EU-based entity and process customer data within the EU to qualify for the all-important cybersecurity label. It’s unclear precisely why this has been ditched, however financial institutions, insurance groups and startups reportedly argued for technical provisions over political obligations, indicating that the draft had been a limiting factor in their cloud computing abilities.

With the most recent change, dated March 22, cloud vendors are now only required to disclose information about the location of data storage and processing.

TechRadar Pro has asked the European Commission to confirm the report, but we did not receive an immediate response. Any update will be posted here.

More from TechRadar Pro

• Amazon launches new cloud specifically for Europe
• We’ve made a list of the best cloud hosting providers
• Bring some data on-prem with our pick of the best small business servers