AWS Reaffirms Commitment to European Sovereign Cloud in 2025

 Last week at the AWS Summit in Amsterdam, Danielle Gorlick (General Manager Benelux at Amazon Web Services) recommitted to AWS’s plans for a European Sovereign Cloud, scheduled for 2025. This announcement reinforces the dedication to addressing the growing concerns around digital sovereignty in the European market by AWS.

Understanding Digital Sovereignty

Digital sovereignty however isn't a one-size-fits-all concept. It varies widely depending on the entity or context in which it's applied, influenced by factors such as:
•    The nature of digital activities
•    Technological capabilities
•    Legal and regulatory landscapes
•    Geopolitical considerations
•    Strategic objectives

AWS has been actively listening to customers, partners, and regulators to better understand what digital sovereignty means across different contexts. Through these conversations, four key themes are identified that encompass the concept.

Four Key Themes of Digital Sovereignty

1. Data Residency, Privacy, and Protection

Data Residency refers to storing and processing data within specific geographical and legal boundaries. This ensures that data remains under the jurisdiction of local laws and regulations.

Data Privacy involves managing granular access to data and maintaining comprehensive audit trails. This aspect needs to align with regulatory requirements such as an individual's right to be informed, access, rectify, erase, and object to the processing of their information.

Data Protection covers securing data in transit, at rest, and during compute operations. These protections must satisfy specific regulatory requirements, including the implementation of technical and organizational measures.

2. Operator Access Restriction

This theme addresses security measures that limit or control access permissions granted to system operators or administrators. Many customers express the concern: "I want to be sure that neither AWS nor any unauthorized individual can access my data in the cloud."

3. Resiliency and Survivability

This refers to a digital system's ability to withstand and recover from disruptive events, whether they're failures, attacks, or disasters. Customers often state: "I want to be sure that I can sustain operations despite geopolitical instability, natural disasters, or technical failure."

4. Independence and Transparency

Independence is the ability of a system to operate without undue external influence or control.

Transparency involves the openness and visibility of operations, decision-making processes, and underlying technologies. Customers often express: "I want my industries and sectors to compete and thrive. I want to contribute to the economic and social fabric of my country by building technical skills and infrastructure."

Addressing Customer Challenges

For organizations worldwide, digital sovereignty has become a top priority as they balance compliance requirements with innovation goals. However, the complexity of rapidly evolving policies and requirements presents significant challenges.

In conversations with customers, AWS has identified common concerns about acquiring the knowledge and skills needed to meet digital sovereignty goals. Some frequently asked questions include:

•    Can we use AWS services in a way that complies with applicable data protection laws?
•    How does our security risk profile change when moving workloads to the cloud?
•    Where exactly is our data stored and processed?
•    How can we ensure our data remains in our chosen AWS Region?
•    Does AWS have access to our content?

AWS's Commitment to Sovereignty-by-Design

AWS recognizes that protecting customer data in an environment of changing regulations, technologies, and risks requires collaboration. Their commitment to making the AWS Cloud "sovereign-by-design" reflects their understanding of these complexities and their dedication to helping customers navigate them.

The upcoming European Sovereign Cloud represents a significant step in AWS's strategy to address the specific needs of European customers who face strict regulatory requirements and have unique sovereignty concerns.

Looking Ahead

As we move toward the launch of AWS's European Sovereign Cloud, organizations should begin evaluating their digital sovereignty requirements and how they align with AWS's approach. By understanding the four key themes and addressing common challenges, Noventiq Northern Europe can support you preparing for a cloud infrastructure that balances innovation with sovereignty.