With the „Clarifying Lawful Overseas Use of Data Act“, the then (2018) President Donald Trump signed a regulation that allows US authorities to view access to data stored abroad. The prerequisite for this is, of course, that the company operates the servers is a US company or a subsidiary of this.
This can also happen if a German cloud provider is bought up by a US group.
Where is the problem? US cloud act and the GDPR!
The GDPR (Data Protection General Ordinance) ensures that the data of the citizens are valid for which – namely Europe -wide – is protected – does not mean falling in the external hands. Of course, this is now in contrast to the fact that any US authority can claim this. This in turn brings any company to use the cloud services to a dilemma between GDPR and the operating of a modern IT infrastructure. Especially since violations of the GDPR with sensitive punishments of up to 20 million. Euro can be punished.
If it is more interested in: A violation of the obligations listed in Article 48 can result in such punishments according to Art. 83 GDPR.
In fact, this in turn means that every CEO of a company that is responsible for this is practically punishable. An absolute disaster for digitization in Europe.
The only way out is the step towards at least a European or even German cloud provider.
The fact is – if you don’t want to fall behind the competition when it comes to digitization and modern IT, you have to open up the topic of cloud. In the meantime, this is absolutely possible through local cloud providers such as the cloud of the Schwarz group based in southern Germany, the STACKIT.