Over a year ago, our CEO, Adriaan Hoogduijn, wrote about the need for a multi-cloud strategy. However, the exchange and management of data bring risks and challenges, which you have to be smart about as a company. In a previous article, Adriaan wrote about the invalidation of the EU-US Privacy Shield due to the Schrems II ruling. This suddenly made legal transatlantic data exchange impossible without manually reviewing every data transfer to ensure compliance. Adopting the Trans-Atlantic Data Privacy Framework is moving forward, but implementation still needs to be forthcoming.
Criticism from Personal Data Authority
This month, the Personal Data Authority (AP) wrote a letter to Secretary of State for Digitalization Van Huffelen about storing government data with commercial cloud services. “Working in the cloud brings more advantages than disadvantages, and it’s more advantages than disadvantages,” the state secretary explained. What needs to be highlighted is that commercial cloud services carry significant privacy risks.
In general, European cloud providers are more limited than competitors on the other side of the Atlantic. “The infrastructure of cloud services providers in Europe is significantly more limited than in America, requiring logging and monitoring to be set up in-house. This requires an overwhelming time investment and a corresponding cost,” Adriaan Hoogduijn said. That the insecurity of the cloud also leaves much to be desired in the Netherlands is evident from the ongoing soap opera surrounding Centric. The vast majority of government data is stored at Centric, including that of the Dutch Central Bank. Last spring, it appeared that DNB did not want to renew its contract with the ICT service provider, but the search for an alternative is proving to be more complex.
Dominance by hyperscalers
In the process, hyperscalers such as Amazon, Google, and Microsoft are gaining ground. These parties operate in a market where a consolidation storm has raged, but saturation is in sight. With a 64% market share in an $89 billion market, total domination for these giant CSPs will follow. Adriaan explains, “With the overwhelming share of hyperscalers, there is little room left in the market for European CSPs. The invalidity of the privacy shield is currently an obstacle at this point, but once the international framework is implemented, they will still mop up the smaller links. As the market grows, so will the major powers’ lobbying of the U.S. government to expedite the agreement.”
“It is unrealistic to expect another competitive European landscape of CSPs to develop without any driver other than the invalidation of the privacy shield. The government would be better off investing its time in renewing these agreements rather than trying to rebuild the product of 20 years of market dynamics. Suppose the competitiveness of the European financial sector is still maintained by its inability to adopt advanced technologies. In that case, it should at least be spurred on by the fact that its data feels nowhere as insecure as Centric,” Adriaan Hoogduijn said.
Written by
