- US Hyperscalers Adhere to US Cloud Law, Which Goes Against Swiss Beliefs
- Privatim advocates for true E2EE and greater transparency throughout the chain
- US hyperscalers are acceptable if customers can encrypt their own data
Swiss data protection officials have warned public bodies not to use cloud services from industry hyperscalers Microsoft, Amazon and Google, due to the lack of true end-to-end encryption.
This comes as many SaaS providers, especially those subject to the US Cloud Act, could be required to hand over data to US authorities, even if it is stored in Switzerland.
Cloud providers were also criticized for not offering enough transparency to verify security, with “long chains of third-party service providers” further complicating data security.
Switzerland warns against the use of Microsoft 365, AWS and Google Cloud
Privatim, the Conference of Swiss Data Protection Officers, also warned that the use of SaaS means a significant loss of control for public bodies, meaning they cannot influence the risks to citizens’ fundamental rights.
Ultimately, Privatim says that international SaaS providers should not be used for highly sensitive or confidential data unless the government can encrypt the data itself and the provider cannot access the keys.
Switzerland is already known for its strict data privacy laws, and a revision to the Swiss Data Protection Law in September 2023 adds more requirements for cross-border data disclosure and more.
The US Cloud Law goes against Swiss standards on privacy and sovereignty, particularly because even data hosted in a Swiss region is not immune to the US Cloud Law.
Unrelated to this last warning, Switzerland already has its own local alternative to Big Tech. Proton has quickly made a name for its strong security: the company cannot access user data, even if required by law.
In addition to using Swiss and EU infrastructure and complying with Swiss laws, Proton also offers client-side encryption (CSE) and open source for parties that do not need protection.
With three US hyperscalers representing around two-thirds of the cloud market, this not only makes finding a suitable and compatible alternative a little more difficult, but represents significant growth opportunities for those companies if European data privacy trends continue.
Follow TechRadar on Google News and add us as a preferred source to receive news, reviews and opinions from our experts in your feeds. Be sure to click the Follow button!
And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form and receive regular updates from us on WhatsApp also.
