Comment by tick_tock_tick
3 years ago
I'd be terrified if I was a EU company at this point. There is not logically way these same rules don't apply to using AWS, GCP, and Azure. There isn't enough other cloud hosting with nearly the same capabilities in Europe to handle that day.
GCP and Azure have options to keep all data within the EU, I'm sure AWS has something to at this point. In France GCP is approved for public business, so it seems to be working fine.
On your general point, we're way past the point where a company is allowed to blindly use any random SaaS without caring about what it does with the data or where it goes. The pendulum is clearly swinging back.
> GCP and Azure have options to keep all data within the EU
I wonder how much of a difference this makes, if the DCs still belong to these american companies and this thing exists: https://en.wikipedia.org/wiki/CLOUD_Act
GCP made a few adjustments to have something that is compatible with both US laws and the GDPR
https://cloud.google.com/blog/products/compliance/how-google...
From memory, gov entities also have deeper customizations, and data centers might be separate from customers and the standard Google operation altogether.
There seems to be a difference between "B2C" stuff like ad tech and tracking and "B2B" like AWS. The latter seems to be more eager to be compliant, I assume only to prevent local / regional competitors to fill a gap but still. Plus all the nice public contracts to be had.