Skip to main content
Shaping Europe’s digital future logo
Brochure | Publication

Cloud and Edge Computing: a different way of using IT - Brochure

Cloud technologies offer a model of on-demand data storage and processing, both in centralised data centres or in distributed connected devices close to the user (at the edge of the network). As cloud technologies are faster, cheaper and more flexible than conventional computing methods, many services that businesses and citizens use every day, such as web-based email, entertainment systems, public services including health and transportation, are based on them.

Visual representation of cloud computing

Cloud computing is essential to deploy technologies such as artificial intelligence, the internet of things, blockchain or data analytics.

The European Commission’s activities on cloud fall into two categories:

  1. investing funds in cutting-edge projects related to cloud and edge computing;
  2. developing policies and rules that protect cloud users, make cloud services safer, ensure fair competition and create the optimal framework conditions for a thriving European cloud industry.

A Future-proof model for IT

Cloud offers a model of on-demand data storage and processing. It enables users to access their data and applications on the device of their choice over the Internet. As cloud computing technologies are faster, cheaper and more flexible than conventional computing methods, many services that businesses and citizens use every day, such as web-based email, customers management, connected cars or public services, are based on the cloud.
Whereas conventional cloud computing takes place in centralised data centres, edge computing data is processed in connected objects closer to the users. This allows for much faster operations and more control of users over their data.
Large economic benefits come from the widespread use of cloud and edge solutions by EU businesses and public organisations thanks to the significant reduction of IT costs. Cloud and edge computing unlocks access to future and emerging technologies, such as artificial intelligence, the Internet of Things and blockchain. It plays a key role in fostering a competitive and innovative European economy in the digital age.

The cloud provides:

  • Computing capacities on which all types of digital services can run, for all sectors of the economy;
  • On-demand computing and data storage resources, without having to invest in hardware;
  • Easy and affordable access to scalable and powerful computing facilities for start-ups and SMEs.

Today, only 1 in 4 businesses and 1 in 5 SMEs are using cloud computing for their daily operations in Europe. A significant increase in cloud and edge deployment will provide European businesses and public organisation the key data processing technology to support their digital transformation and their adoption of more advanced digital services like big data analytics and artificial intelligence. It will subsequently strengthen the European economy’s competitiveness and its innovation potential.

Unlocking the cloud is unlocking data for Europe

Cloud technologies are a necessary tool to manage the huge flow and exchange of data generated by our increasingly digital economy. For a flourishing economy, data should be able to move freely from server to server across borders, organisations and individuals within the EU Digital Single Market, as long as this happens in a trusted and secure way. For this to happen, the Commission’s cloud policies:

  • Build innovative ecosystems that are conducive to data sharing across businesses and public organisations.
  • Invest in new forms of cloud and edge computing to make Europe a frontrunner in ground-breaking cloud technologies such as edge computing, swarm computing and mini-clouds.
  • Foster free flow of data to ensure that data can be stored in any EU Member State.
  • Avoid vendor lock-in to ensure that cloud users can easily move their data and applications from one provider to another.
  • Raise the standards for cloud services on the European market in terms of security, environmental performance, fairness and competitiveness.
  • The next sections of this brochure describe how the European Commission aims to achieve these objectives through policy actions and investments.

The Free Flow of non-personal Data Regulation

The Free Flow of non-personal Data Regulation, together with the General Data Protection Regulation (GDPR), established the unrestricted movement of all data across Europe. By 30 May 2021, all existing unjustified data localisation restrictions must be removed, while competent authorities in each Member State continue to have the right to access data stored throughout the EU. In order to avoid vendor lock-in, the Regulation also introduced industry codes of conduct for data portability. Thanks to this, companies are now able to freely move data around from provider to provider.
The combined application of the free flow of non-personal data Regulation and the GDPR ensures that both non-personal data and personal data can freely move around through the Union, as long as it is adequately protected. The Commission has published informative guidance on the issue of mixed datasets, i.e. datasets containing both personal and non-personal data.

The European Alliance for industrial data, cloud and edge

With the objective of making Europe a frontrunner in ground breaking cloud and edge infrastructure and services, the European Union decided on an ambitious investment approach. From 2021 to 2028, co-investments are envisaged through different EU funding instruments, Member States and the private sector (more information below).
These different investment streams need to be coordinated to ensure that they fit into a coherent and ambitious industrial roadmap for cloud and edge in Europe and that they meet the specific needs of demand sectors. This is the objective of the European Alliance for industrial data, cloud and edge, to be launched in 2021.
The Alliance will bring together Member States, cloud providers, cloud users from different sectors and stakeholders from academia and civil society.
The objective of the Alliance is to facilitate the emergence of a European offering of next generation, trustworthy, energy efficient and competitive cloud and edge services. These new cloud and edge capacities should be completely interoperable and offer open, multi-vendor cloud platforms and services, based on European, international or open source standards. To foster innovative ecosystems that are conducive to data sharing across businesses and public organisations, the Alliance is linked to the development of Common European Dataspaces as envisaged in the European Data Strategy. It will also aim at creating synergies between existing cloud initiatives, such as Gaia-X and national cloud initiatives, to enhance and broaden their scale and coverage.

 

Building an EU online marketplace for cloud services

To ensure optimal access to new and innovative cloud and edge services offered in Europe, the European Commission will support an EU online marketplace for cloud services providing easy access to an online portal for businesses interested to use cloud services. All services offered on the EU cloud marketplace will provide adequate reassurance on the compliance with the EU’s rules, norms and standards in the area of cloud computing. This will provide a trusted gateway to cloud services offered in Europe.
 

The EU Cloud Rulebook

To protect European businesses and public organisations, which increasingly depend on cloud technologies, it is important that cloud and edge services offered in Europe fully comply with the relevant (general and sectorial) laws, but also with key European self-regulatory norms and standards regarding security, energy-efficiency, data protection, interoperability and fair competition.
Over the past years, industry stakeholders in Europe have worked together to develop such self-regulatory norms and standards. The forthcoming EU Cloud Rulebook will provide a comprehensive catalogue of such schemes and detail the mechanisms to demonstrate compliance with them.
Examples of the EU’s self-regulatory work in this area include:

An EU-wide Cloud cybersecurity certification scheme

  • Businesses need a certain level of trust from their cloud provider. A single European scheme for cloud security certification will build trust in cloud computing and provide legal certainty in comparison with the many different commercial schemes on the market. The EU cybersecurity agency, ENISA, is finalising a cybersecurity certification scheme that should be ready for market adoption in the course of 2021.

SWIPO Codes of conduct on data portability in the cloud

  • Cloud users should be able to move easily their data and applications from one provider to another. As mandated by the Free flow of non-personal data Regulation, cloud users and providers have jointly worked on codes of conduct on data portability to avoid ‘vendor lock-in’ and facilitate cloud switching. In accordance with the same Regulation, these ‘SWIPO’ codes of conduct will be evaluated by the European Commission on the basis of their content and the level of market adoption.

Fair and balanced contractual arrangements

  • Contractual agreements between cloud service providers and their users determine the conditions under which cloud and edge services operate. In this context, standard contractual clauses can be used to even the negotiation power between cloud providers and cloud customers.. Standardisation (processes) of contractual agreements already exist for Service Level Agreements, for cloud agreements in the financial sector, for data protection and for general cloud agreements.

Code of Conduct on energy efficiency of data centres

  • This has shown to be effective when reducing the energy consumption of cloud providers. The corresponding criteria have been translated into Green Public Procurement criteria to trigger a market-push for green clouds.

Codes of Conduct on data protection in cloud computing

  • Data protection is a fundamental right for EU citizens. Several Codes of Conduct have been developed by industry to ensure that cloud services on the European market can demonstrate compliance with the GDPR.