Get all your news in one place.
100’s of premium titles.
One app.
Start reading
TechRadar
TechRadar
Benedict Collins

EU cybersecurity label for cloud computing vote pushed back once again

European Union technical background.

For some time the EU has been trying to figure out a label to award cloud service providers with strong cybersecurity to be used by governments and organizations within its borders.

However, establishing the exact requirements for cloud companies to qualify for this label has been a battle between robust regulations and ease of access.

To that effect, the vote on the draft EU cybersecurity certification scheme (EUCS) has now been shelved until at least May 2024 to allow further wrinkles to be ironed out, people familiar with the matter have said.

Penetrating the bureaucracy

The label was first proposed back in 2020 by cybersecurity agency ENISA as a way to safeguard sensitive data once it is transferred beyond the borders of the EU. However, recent amendments may revoke legal protections for EU data leaving the bloc.

Originally the proposed label would require cloud service providers such as Google, Amazon and Microsoft to embark on a joint venture with an EU based company or build their own data center within the bloc’s borders, so that EU data could be handled within the borders of the EU. But the latest version of the draft has since scrapped this requirement.

Critics of the move have said that by not requiring cloud service providers to store and process the data within the EU, non-EU companies could use their own laws to access the data, therefore violating EU data protection.

The vote that has been pushed back to May involves deliberation by cybersecurity, cloud and data experts, before the draft label moves on to deliberation by EU members and a final stamp of approval from the European Commission.

Last year, the EU and US agreed on a data privacy pipeline that would allow businesses to transfer data between Europe and the US rather than the costly bureaucratic alternative of establishing data centers in the EU. The UK later piggy-backed off this pipeline for its own data privacy transfers following its departure from the European Union.

Via Reuters

More from TechRadar Pro

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
One subscription that gives you access to news from hundreds of sites
Already a member? Sign in here
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.