Privacy Framework Spurs Euro Datacenter Expansion
Cloud services and data governance vendors are moving swiftly to comply with a new U.S.-European Union privacy regime that imposes stricter requirements on U.S. companies for protecting the personal data.
As major cloud providers expand datacenter capacity in Europe to comply with the EU-U.S. Privacy Shield Framework, other U.S. vendors are gaining certification from the U.S. Commerce Department to store the personal data of EU residents.
The Privacy Shield negotiated earlier this year replaces a "safe harbor" data export agreement invalidated in October 2015 by the European Court of Justice. The privacy ruling initially touched off a flurry of moves by cloud vendors to deploy security upgrades to cloud storage and orchestration services.
With the framework in place, major cloud vendors such as Amazon Web Services (NASDAQ: AMZN) and Microsoft (NASDAQ: MSFT) have reacted by expanding cloud datacenters across the EU. For example, Microsoft said this week it would open new datacenters in France next year to host it Azure cloud and Office 365 products. Microsoft said it has so far spent about $3 billion on its European datacenters hosting its Azure cloud services.
Meanwhile, AWS has said it would expand its European datacenter footprint with new public cloud facilities in France and the U.K.
While the Privacy Shield framework would allow cloud vendors to transfer personal data to the U.S., expansion of European datacenter capacity is seen as a more straightforward way of meeting stricter "data sovereignty" rules that specify what must be stored and where.
Other hyper-scalers are following the lead of large cloud vendors. Apple (NASDAQ: AAPL) is reportedly planning to spend up to $1 billion on a new datacenter in Denmark while Facebook (NASDAQ: FB) also is expected to expand its presence in the EU.
Meanwhile, a steady stream of data privacy vendors report U.S. certification of their platforms under the privacy framework. For example, Syncplicity, the former EMC Corp. unit based in Santa Clara, Calif., said this week unveiled a "dedicated EU architecture" that allows European-based units to confine the storage of processing of personal data to the EU region.
That follows its rollout last November of a European-based cloud storage option along with an EU-based cloud orchestration layer designed to give U.S. companies with European operations more options to comply with new data security regulations. Syncplicity has traditionally focused on allowing customers to store data locally and then move specific files to the cloud.
Also this week, San Francisco-based analytics and business intelligence vendor GoodData Corp. announced it has been certified under the Privacy Shield framework for handling personal data of EU citizens. The certification follows the opening of its European datacenter last year and an office in Lugano, Switzerland.
The Commerce Department has so far listed nearly 300 companies in the data transfer program.
