APECDATA: “North American Companies Face Difficulties in Complying with GDPR”

The data sovereignty in Europe is at a turning point, according to Roberto Beitia, president of the Spanish Cloud Providers Association (APECDATA). The association, which was founded in early 2022 with the aim of strengthening data sovereignty in the continent, currently consists of 14 companies (Aitire, Aspa.Cloud, Comvive, Gigas, Grupo Trevenque, Hispaweb, Idecnet, Ipcore, Nexica, Sarenet, Stackscale – Grupo Aire, SW Hosting, Tedra, and Voz.com). With a focus on increasing joint capacity for action and collaborating on proposals aligned with GAIA-X, APECDATA is playing a crucial role in the landscape of privacy and data residency in Europe.

In a recent interview, Beitia addressed the challenge that large North American tech companies face in complying with the European Union’s General Data Protection Regulation (GDPR). According to Beitia, laws such as the Cloud Act and FISA in the United States complicate this compliance, as they authorize access to the personal data of foreign citizens by US agencies.

Beitia emphasizes that, despite attempts to establish agreements between the EU and the US for data transfer, such as the Safe Harbour, the Privacy Shield, and recently the “EU-US Data Privacy Framework,” concerns about surveillance and access to data by US agencies remain a significant barrier. Activist Maximilian Schrems, known for challenging these agreements, insists on the need for substantial changes in US surveillance legislation.

Faced with this reality, European cloud providers offer a valuable alternative. Beitia highlights that, in addition to proximity and personalized customer service, European providers guarantee compliance with the GDPR. He also emphasizes the importance of avoiding “vendor lock-in” by using standard technologies and diversifying cloud providers.

Regarding European regulation, Beitia considers it the most advanced in terms of data sovereignty. Europe has established specific laws and bodies for the protection of personal data, such as the Digital Services and Digital Markets Acts, the Data Governance Act, and the Data Act. These regulations, along with the GAIA-X initiative, of which APECDATA is a member, demonstrate Europe’s commitment to data protection, in contrast to other economies where personal data is seen as a commodity.

APECDATA and its members’ stance is clear: in a constantly evolving digital world, the protection and sovereignty of data are paramount. While large North American tech companies struggle to adapt to strict European regulations, APECDATA and its associates are setting a new standard in data management and protection in the EU.

Source: Computer World

Scroll to Top