EU Package May Limit US Cloud Providers’ Access to Classified Data
The EU’s upcoming Tech Sovereignty Package, set for May 27 release, proposes limiting US cloud providers’ handling of classified public-sector data while still allowing accredited foreign firms. The measures respond to US Cloud Act concerns and strained US-EU relations under the Trump administration.
1. Overview of Tech Sovereignty Package
The EU plans to present its Tech Sovereignty Package on May 27, aiming to enhance digital autonomy by setting stricter data governance rules for foreign cloud providers operating in the bloc.
2. Proposed Data Access Restrictions
Under the proposals, US-based firms would be barred from handling classified public-sector information unless they obtain special accreditation or partner with local entities, with partial allowances maintained for non-sensitive workloads.
3. Drivers and Political Context
The move is driven by national security concerns over the US Cloud Act and diplomatic tensions in US-EU relations stemming from data privacy disputes during the previous US administration.
4. Potential Impact on AWS and Competitors
Amazon Web Services could see delayed sales cycles and increased compliance costs in the EU public sector, potentially benefiting regional cloud providers and prompting AWS to adapt its data localization strategies.