STOCKHOLM (Reuters) – European privacy watchdog said on Tuesday it will launch joint investigations with 22 national regulators into the use of cloud-based services by the public sector to check if they comply with its privacy safeguards.
The investigations will cover over 80 public bodies across the European Economic Area, including EU institutions, covering sectors such as health, finance, tax, education and providers of IT services), The European Data Protection Board (EDPB) said.
U.S. cloud computing companies such as Amazon’s AWS, Alphabet’s Google, Oracle and Microsoft’s Azure have been building data centres across Europe in response to growing demand from private- and public-sector organizations.
The COVID-19 pandemic has sparked a digital transformation of many public sector organisations and they may face difficulties in obtaining products and services that comply with EU data protection rules, the EU body said in a statement.
European Union’s landmark General Data Protection Regulation (GDPR) is designed to protect the privacy rights of EU individuals and applies to all companies processing or controlling the personal information of EU residents.
The European Data Protection Supervisor, last year opened investigations on European Commission and European Parliament’s use of cloud computing services provided by Amazon and Microsoft over concerns about the transfer of personal data to the United States.
Both government and private bodies have been increasingly relying on cloud services from large U.S. providers governed by legislation that allows disproportionate surveillance activities by the U.S. authorities.
The EDPB will publish a report on the outcome of this analysis before the end of 2022.
(Reporting by Supantha Mukherjee, European Technology & Telecoms Correspondent, based in Stockholm; Editing by Tomasz Janowski)
