Back in 2020, the European Parliament published a briefing paper which set out “growing concern that the citizens, businesses and Member States of the European Union (EU) are gradually losing control over their data, over their capacity for innovation, and over their ability to shape and enforce legislation in the digital environment.”
At the heart of the matter is the domination that the likes of Amazon, Microsoft and Google have established over the European cloud computing market. One of the effects of their success is that the region now faces significant challenges in ensuring data is subject to the laws and governance structures of the country or region in which it is collected, stored or processed.
For organizations based in the EU hosting their data with providers based elsewhere, this raises serious questions about who ultimately has jurisdiction over that data and whether it can be governed by foreign legal frameworks beyond their control.
EMEA Lead at Datadobi.
Let’s also be clear – the market-leading hyperscalers offer efficiency, scale and a whole host of other compelling advantages. They are all highly innovative, trusted providers that have transformed how businesses operate and have enabled extraordinary digital progress at speed and scale.
Thousands of European organizations rely on – and will continue to rely on – these brands for good reason. At the same time, however, it’s also vital that organizations understand that where they store their data, and under whose jurisdiction it falls, carries implications far beyond IT.
Whether viewed through a political, economic, or operational lens, data sovereignty matters. In some scenarios, it can shape access rights, trigger regulatory obligations or even expose organizations to geopolitical risk.
For example, laws in one country could compel a cloud provider to share data stored in another, an issue that’s been flagged in relation to executive powers and national security mandates at the disposal of foreign governments.
So, how is the landscape changing? Firstly, there are a number of promising European cloud initiatives, including regulatory developments, sovereign cloud frameworks and consortium-based models designed to create local alternatives to the all-in-one hyperscaler stack. However, these solutions are not without their challenges, with cost, fragmentation, scalability and adoption hurdles potentially standing in the way of an effective regional system.
For many organizations, a full switch isn’t viable due to issues such as existing investment commitments, operational complexity and the simple absence of mature, like-for-like alternatives that can match the scale and capabilities of established providers.
The US hyperscalers are also getting in on the act. This time last year, for instance, AWS announced plans to invest €7.8 billion in the AWS European Sovereign Cloud, an initiative which the company says reinforces its “commitment to offer customers the most advanced set of sovereignty controls, privacy safeguards, and security features available in the cloud.”
How this plays out remains to be seen, but whatever route organizations favor in the pursuit of data sovereignty, access to choice and autonomy over where their data is stored is likely to grow in importance as time passes.
The role of intelligent data management
For European organizations in this position, and there are many, the good news is that they don’t need to wait for systemic changes in the cloud landscape to start regaining control. Data sovereignty can be addressed today through the implementation of modern, vendor-neutral data management technologies, which enable them to visualize their entire data landscape and apply consistent policies across disparate storage environments.
Armed with a unified view of their data across cloud and on-premises environments, organizations can then make informed choices about what data to store, where to store it and how best to safeguard it.
The obvious starting point is visibility because, without knowing what data exists, where it resides and how it moves, businesses are flying blind. This is particularly significant and challenging in contemporary multi-cloud and hybrid-cloud environments, where data can be extremely fragmented, often with little consistency or oversight.
But by establishing a clear picture of all data assets, classifying them based on sensitivity and business value and ensuring local copies of critical data are always available, IT management can also enforce policies that align with governance and regulatory requirements.
In the end, this is not just a technology and geography issue; it goes much deeper to cover everything from business resilience and compliance to control and, ultimately, customer trust. Europe’s digital future will depend not only on where its data lives, but on who can access it, govern it and protect it.
As the European Parliament data sovereignty briefing concludes, “Building a secure pan-European data framework and adopting new standards and practices to provide trustworthy and controllable digital products and services would ensure a safer digital environment.”
We list the best cloud storage.
This article was produced as part of TechRadarPro’s Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro
Services Marketplace – Listings, Bookings & Reviews