Cross-Border Data Forum Bannner

Oceans Apart: The EU and US Cybersecurity Certification Standards for Cloud Services

While EUCS may—over time—spur the growth of European CSPs and increase uniformity among cybersecurity standards across the continent, the imposition of digital sovereignty requirements (localization and foreign law immunity) would impose substantial costs on CSP users in Europe, at least in the medium-term.   At a minimum, such an approach should be subjected to a public consultation process and full impact assessment that would fully explore the potential costs, as advocated by several member states, including the Netherlands.

European Cybersecurity Regulation Takes a Sovereign Turn

Over the past year, the European Union’s ambitious digital regulatory agenda has steadily advanced, impacting transatlantic economic relations and even stimulating legislative initiatives on privacy and antitrust in the United States. However, collaborative approaches between Washington and Brussels present an opportunity to potentially resolve looming transatlantic disputes over the EU’s proposed cybersecurity certification measure.