26 European industry organizations warned on Monday that the proposed cloud services cybersecurity certification scheme (EUCS) should not discriminate against Amazon, Google (a subsidiary of Alphabet), and Microsoft.
The European Commission, the EU cybersecurity agency ENISA, and EU member states will meet on Tuesday to discuss the scheme, which has undergone several revisions since ENISA published the draft in 2020.
The aim of the EUCS is to help governments and businesses select secure and reliable cloud computing providers. The global cloud computing industry generates billions of euros in revenue annually and is expected to maintain double-digit growth.
The March version of the plan removed the previous proposal's so-called sovereignty requirements, which mandated that U.S. tech giants must enter joint ventures or collaborations with EU companies and store and process customer data within the EU to obtain the EU's highest level of cybersecurity certification.
"We believe that an inclusive and non-discriminatory EUCS, supporting the free flow of cloud services in Europe, will help our members thrive both domestically and internationally, aid Europe's digital goals, and enhance its resilience and security," the organizations said in a joint letter to EU member states.
They also stated: "Eliminating ownership control and preventing unlawful access (PUA)/exemption from non-EU laws (INL) requirements ensures that cloud security improvements remain aligned with industry best practices and non-discrimination principles."
The organizations emphasized that ensuring their members can access diverse and resilient cloud technologies to meet their specific needs is crucial for success in an increasingly competitive global market.
