Oceans Apart: The EU and US Cybersecurity Certification Standards for Cloud Services
While EUCS may—over time—spur the growth of European CSPs and increase uniformity among cybersecurity standards across the continent, the imposition of digital sovereignty requirements (localization and foreign law immunity) would impose substantial costs on CSP users in Europe, at least in the medium-term. At a minimum, such an approach should be subjected to a public consultation process and full impact assessment that would fully explore the potential costs, as advocated by several member states, including the Netherlands.