Cloud computing is essential to deploy technologies such as artificial intelligence, the internet of things, blockchain or data analytics.
The European Commission’s activities on cloud fall into two categories:
- investing funds in cutting-edge projects related to cloud and edge computing;
- developing policies and rules that protect cloud users, make cloud services safer, ensure fair competition and create the optimal framework conditions for a thriving European cloud industry.
A Future-proof model for IT
Cloud offers a model of on-demand data storage and processing. It enables users to access their data and applications on the device of their choice over the Internet. As cloud computing technologies are faster, cheaper and more flexible than conventional computing methods, many services that businesses and citizens use every day, such as web-based email, customers management, connected cars or public services, are based on the cloud.
Whereas conventional cloud computing takes place in centralised data centres, edge computing data is processed in connected objects closer to the users. This allows for much faster operations and more control of users over their data.
Large economic benefits come from the widespread use of cloud and edge solutions by EU businesses and public organisations thanks to the significant reduction of IT costs. Cloud and edge computing unlocks access to future and emerging technologies, such as artificial intelligence, the Internet of Things and blockchain. It plays a key role in fostering a competitive and innovative European economy in the digital age.
The cloud provides:
- Computing capacities on which all types of digital services can run, for all sectors of the economy;
- On-demand computing and data storage resources, without having to invest in hardware;
- Easy and affordable access to scalable and powerful computing facilities for start-ups and SMEs.
Today, only 1 in 4 businesses and 1 in 5 SMEs are using cloud computing for their daily operations in Europe. A significant increase in cloud and edge deployment will provide European businesses and public organisation the key data processing technology to support their digital transformation and their adoption of more advanced digital services like big data analytics and artificial intelligence. It will subsequently strengthen the European economy’s competitiveness and its innovation potential.
Unlocking the cloud is unlocking data for Europe
Cloud technologies are a necessary tool to manage the huge flow and exchange of data generated by our increasingly digital economy. For a flourishing economy, data should be able to move freely from server to server across borders, organisations and individuals within the EU Digital Single Market, as long as this happens in a trusted and secure way. For this to happen, the Commission’s cloud policies:
- Build innovative ecosystems that are conducive to data sharing across businesses and public organisations.
- Invest in new forms of cloud and edge computing to make Europe a frontrunner in ground-breaking cloud technologies such as edge computing, swarm computing and mini-clouds.
- Foster free flow of data to ensure that data can be stored in any EU Member State.
- Avoid vendor lock-in to ensure that cloud users can easily move their data and applications from one provider to another.
- Raise the standards for cloud services on the European market in terms of security, environmental performance, fairness and competitiveness.
- The next sections of this brochure describe how the European Commission aims to achieve these objectives through policy actions and investments.
The Free Flow of non-personal Data Regulation
The Free Flow of non-personal Data Regulation, together with the General Data Protection Regulation (GDPR), established the unrestricted movement of all data across Europe. By 30 May 2021, all existing unjustified data localisation restrictions must be removed, while competent authorities in each Member State continue to have the right to access data stored throughout the EU. In order to avoid vendor lock-in, the Regulation also introduced industry codes of conduct for data portability. Thanks to this, companies are now able to freely move data around from provider to provider.
The combined application of the free flow of non-personal data Regulation and the GDPR ensures that both non-personal data and personal data can freely move around through the Union, as long as it is adequately protected. The Commission has published informative guidance on the issue of mixed datasets, i.e. datasets containing both personal and non-personal data.
The European Alliance for industrial data, cloud and edge
With the objective of making Europe a frontrunner in ground breaking cloud and edge infrastructure and services, the European Union decided on an ambitious investment approach. From 2021 to 2028, co-investments are envisaged through different EU funding instruments, Member States and the private sector (more information below).
These different investment streams need to be coordinated to ensure that they fit into a coherent and ambitious industrial roadmap for cloud and edge in Europe and that they meet the specific needs of demand sectors. This is the objective of the European Alliance for industrial data, cloud and edge, to be launched in 2021.
The Alliance will bring together Member States, cloud providers, cloud users from different sectors and stakeholders from academia and civil society.
The objective of the Alliance is to facilitate the emergence of a European offering of next generation, trustworthy, energy efficient and competitive cloud and edge services. These new cloud and edge capacities should be completely interoperable and offer open, multi-vendor cloud platforms and services, based on European, international or open source standards. To foster innovative ecosystems that are conducive to data sharing across businesses and public organisations, the Alliance is linked to the development of Common European Dataspaces as envisaged in the European Data Strategy. It will also aim at creating synergies between existing cloud initiatives, such as Gaia-X and national cloud initiatives, to enhance and broaden their scale and coverage.
Investing in cloud computing: boosting innovation potential for businesses in Europe
In the Horizon 2020 funding programme, the EU has invested around €300 million in projects related to cloud computing and software between 2014 and 2020.
Within the current financial programming period, which runs until 2027, the Commission is stepping up its effort by funding multi-country projects in order to:
- Do state-of the art research in the area of cloud and edge computing
- Fund cloud federation projects, e.g. by interconnecting existing national cloud capacities
- Stimulate the deployment of EU cloud and edge services on the market, for example by means of an EU online marketplace
Funds will be drawn from the Horizon Europe programme, the Connecting Europe Facility 2, and the Digital Europe programme.
These financial efforts, which should amount to at least 2B€ over that period, will be complemented by Member State and industry investments. Both will be able to tap into the Invest EU programme (to facilitate the access to investments in cloud) and the Recovery and Resilience Facility (under the NextGeneration EU programme) which will help the European Union to overcome the pandemic-generated crisis.
Building an EU online marketplace for cloud services
The EU Cloud Rulebook
Over the past years, industry stakeholders in Europe have worked together to develop such self-regulatory norms and standards. The forthcoming EU Cloud Rulebook will provide a comprehensive catalogue of such schemes and detail the mechanisms to demonstrate compliance with them.
Examples of the EU’s self-regulatory work in this area include:
An EU-wide Cloud cybersecurity certification scheme
- Businesses need a certain level of trust from their cloud provider. A single European scheme for cloud security certification will build trust in cloud computing and provide legal certainty in comparison with the many different commercial schemes on the market. The EU cybersecurity agency, ENISA, is finalising a cybersecurity certification scheme that should be ready for market adoption in the course of 2021.
SWIPO Codes of conduct on data portability in the cloud
- Cloud users should be able to move easily their data and applications from one provider to another. As mandated by the Free flow of non-personal data Regulation, cloud users and providers have jointly worked on codes of conduct on data portability to avoid ‘vendor lock-in’ and facilitate cloud switching. In accordance with the same Regulation, these ‘SWIPO’ codes of conduct will be evaluated by the European Commission on the basis of their content and the level of market adoption.
Fair and balanced contractual arrangements
- Contractual agreements between cloud service providers and their users determine the conditions under which cloud and edge services operate. In this context, standard contractual clauses can be used to even the negotiation power between cloud providers and cloud customers.. Standardisation (processes) of contractual agreements already exist for Service Level Agreements, for cloud agreements in the financial sector, for data protection and for general cloud agreements.
Code of Conduct on energy efficiency of data centres
- This has shown to be effective when reducing the energy consumption of cloud providers. The corresponding criteria have been translated into Green Public Procurement criteria to trigger a market-push for green clouds.
Codes of Conduct on data protection in cloud computing
- Data protection is a fundamental right for EU citizens. Several Codes of Conduct have been developed by industry to ensure that cloud services on the European market can demonstrate compliance with the GDPR.
Green cloud solutions
- The Energy Efficiency Directive
- The Directive dealing with the Waste Electrical and Electronic Equipment
- The Green Public Procurement criteria on data centres and cloud services
- The Eco-design Directive on servers and data storage products
- The Code of Conduct for energy efficiency in data centres