Vote on EU cyber security label delayed to May – Security


Cyber security experts have shelved a vote on a draft EU cyber security label allowing Amazon, Alphabet’s Google and Microsoft to bid for highly sensitive EU cloud computing contracts to May, people familiar with the matter said.



The European Union wants to introduce a cyber security certification scheme (EUCS) to vouch for the cyber security of cloud services and help governments and companies pick a secure and trusted vendor for their cloud computing business.

However, disagreements on whether strict requirements should be imposed on Big Tech to qualify for the highest level of the EU cyber security label has hampered efforts.

The experts which met on Monday and Tuesday in Brussels, did not vote on the latest draft of the scheme proposed by EU cyber security agency ENISA in 2020 and tweaked by Belgium which currently holds the rotating EU presidency, the people said.

After the experts’ vote, the next step is an opinion from EU countries and the final decision by the European Commission.

The latest version scrapped so-called sovereignty requirements from a previous proposal, which obliged US tech giants to set up a joint venture or cooperate with an EU-based company to store and process customer data in the bloc in order to qualify for the highest level of the EU cyber security label.

While Big Tech welcomed dropping the requirements, EU cloud vendors and businesses such as Deutsche Telekom, Orange and Airbus criticised the move, and warned of the risk of unlawful data access by non-EU governments on the basis of their laws.



Source link