Cloud computing is essential to deploying technologies such as artificial intelligence, the Internet of Things, blockchain and data analytics.
The European Commission’s activities on cloud fall into 2 categories:
- investing funds in cutting-edge projects related to cloud and edge computing;
- developing policies and rules that protect cloud users, make cloud services safer, ensure fair competition and create the optimal framework conditions for a thriving European cloud industry.
A future-proof model for IT
Cloud technologies offer a model of on-demand data storage and processing, both in centralised data centres and in distributed connected devices close to the user (at the 'edge' of the network). As cloud technologies are faster, cheaper and more flexible than conventional computing methods, many of our everyday services are based on the cloud, such as web-based email, entertainment systems, and public services including health and transportation
Whereas conventional cloud computing takes place in centralised data centres, edge computing data is processed in connected objects closer to the users. This allows for much faster operations and gives users more control over their data.
Large economic benefits come from the widespread use of cloud and edge solutions by EU businesses and public organisations thanks to the significant reduction of IT costs. Cloud and edge computing unlocks access to future and emerging technologies, such as artificial intelligence, the Internet of Things and blockchain. It plays a key role in fostering a competitive and innovative European economy in the digital age.
The cloud provides:
- computing capacities on which all types of digital services can run, for all sectors of the economy;
- on-demand computing and data storage resources, without having to invest in hardware;
- easy and affordable access to scalable and powerful computing facilities for start-ups and SMEs.
Today, only 1 in 4 businesses and 1 in 5 SMEs are using cloud computing for their daily operations in Europe. A significant increase in cloud and edge deployment will provide European businesses and public organisation the key data processing technology to support their digital transformation and their adoption of more advanced digital services like big data analytics and artificial intelligence. It will subsequently strengthen the European economy’s competitiveness and its innovation potential.
Unlocking the cloud is unlocking data for Europe
Cloud technologies are a necessary tool to manage the huge flow and exchange of data generated by our increasingly digital economy. For a flourishing economy, data should be able to move freely from server to server across borders, organisations and individuals within the EU, in a trusted and secure way.
For this to happen, the Commission’s cloud policies include:
- building innovative ecosystems that are conducive to data sharing across businesses and public organisations;
- investing in new forms of cloud and edge computing to make Europe a frontrunner in ground-breaking cloud technologies such as edge computing, swarm computing and mini-clouds;
- fostering free flow of data to ensure that data can be stored in any EU Member State;
- avoiding vendor lock-in to ensure that cloud users can easily move their data and applications from one provider to another;
- raising the standards for cloud services on the European market in terms of security, environmental performance, fairness and competitiveness.
The next sections of this brochure describe how the European Commission aims to achieve these objectives through policy actions and investments.
The Free Flow of Non-Personal Data Regulation
The Free Flow of non-personal Data Regulation, together with the General Data Protection Regulation (GDPR), established the unrestricted movement of all data across Europe. All existing unjustified data localisation restrictions must be removed, while competent authorities in each Member State continue to have the right to access data stored throughout the EU. In order to avoid vendor lock-in, the Regulation also introduced industry codes of conduct for data portability. Thanks to this, companies are now able to freely move data around from provider to provider.
The combined application of the free flow of non-personal data regulation and the GDPR ensures that both non-personal data and personal data can freely move around through the Union, as long as it is adequately protected. The Commission has published informative guidance on the issue of mixed datasets, i.e. datasets containing both personal and non-personal data.
The European Alliance for industrial data, edge and cloud
With the objective of making Europe a frontrunner in ground breaking cloud and edge infrastructure and services, the European Union decided on an ambitious investment approach. From 2021 to 2028, co-investments are envisaged through different EU funding instruments, Member States and the private sector (more information below).
These different investment streams need to be coordinated to ensure that they fit into a coherent and ambitious industrial roadmap for cloud and edge in Europe and that they meet the specific needs of demand sectors. This is the objective of the European Alliance for industrial data, edge and cloud.
The Alliance brings together businesses, Member States representatives and relevant experts. The objective of the Alliance is to facilitate the emergence of a European offering of next generation, trustworthy, energy efficient and competitive cloud and edge services. These new cloud and edge capacities should be completely interoperable and offer open, multi-vendor cloud platforms and services, based on European, international or open source standards.
To foster innovative ecosystems that are conducive to data sharing across businesses and public organisations, the Alliance is linked to the development of Common European Dataspaces as envisaged in the European Data Strategy. It will also aim at creating synergies between existing cloud initiatives, such as Gaia-X and national cloud initiatives, to enhance and broaden their scale and coverage.
Investing in cloud computing: boosting innovation potential for businesses in Europe
In the Horizon 2020 funding programme, the EU has invested around €300 million in projects related to cloud computing and software between 2014 and 2020.
Within the current financial programming period, which runs until 2027, the Commission is stepping up its effort by funding multi-country projects in order to:
- carry out state-of the art research in the area of cloud and edge computing;
- fund cloud federation projects, e.g. by interconnecting existing national cloud capacities;
- stimulate the deployment of EU cloud and edge services on the market, for example by means of an EU online marketplace.
These financial efforts, which should amount to at least €2bn over that period, will be complemented by Member State and industry investments. Both will be able to tap into the Invest EU programme (to facilitate the access to investments in cloud) and the Recovery and Resilience Facility (under the NextGeneration EU programme) which will help the European Union to overcome the pandemic-generated crisis.
Building an EU online marketplace for cloud services
To ensure optimal access to new and innovative cloud and edge services offered in Europe, the European Commission will support an EU online marketplace for cloud services providing easy access to an online portal for businesses interested to use cloud services. All services offered on the EU cloud marketplace will provide adequate reassurance on the compliance with the EU’s rules, norms and standards in the area of cloud computing. This will provide a trusted gateway to cloud services offered in Europe.
The EU Cloud Rulebook
To protect European businesses and public organisations, which increasingly depend on cloud technologies, it is important that cloud and edge services offered in Europe fully comply with the relevant (general and sectorial) laws, but also with key European self-regulatory norms and standards regarding security, energy-efficiency, data protection, interoperability and fair competition.
Over the past years, industry stakeholders in Europe have worked together to develop such self-regulatory norms and standards. The forthcoming EU Cloud Rulebook will provide a comprehensive catalogue of such schemes and detail the mechanisms to demonstrate compliance with them.
Examples of the EU’s self-regulatory work in this area include:
An EU-wide Cloud cybersecurity certification scheme
Businesses need a certain level of trust from their cloud provider. A single European scheme for cloud security certification will build trust in cloud computing and provide legal certainty in comparison with the many different commercial schemes on the market. The EU cybersecurity agency, ENISA, is finalising a cybersecurity certification scheme that should be ready for market adoption in the course of 2021.
SWIPO Codes of conduct on data portability in the cloud
Cloud users should be able to move easily their data and applications from one provider to another. As mandated by the Free flow of non-personal data Regulation, cloud users and providers have jointly worked on codes of conduct on data portability to avoid ‘vendor lock-in’ and facilitate cloud switching. In accordance with the same Regulation, these ‘SWIPO’ codes of conduct will be evaluated by the European Commission on the basis of their content and the level of market adoption.
Fair and balanced contractual arrangements
Contractual agreements between cloud service providers and their users determine the conditions under which cloud and edge services operate. In this context, standard contractual clauses can be used to even the negotiation power between cloud providers and cloud customers.. Standardisation (processes) of contractual agreements already exist for Service Level Agreements, for cloud agreements in the financial sector, for data protection and for general cloud agreements.
Code of Conduct on energy efficiency of data centres
This has shown to be effective when reducing the energy consumption of cloud providers. The corresponding criteria have been translated into Green Public Procurement criteria to trigger a market-push for green clouds.
Codes of Conduct on data protection in cloud computing
Data protection is a fundamental right for EU citizens. Several Codes of Conduct have been developed by industry to ensure that cloud services on the European market can demonstrate compliance with the GDPR.
Green cloud solutions
In 2018, in the EU, data centres accounted for 2.7% of the electricity demand, a figure expected to reach 3.2% in 2030. Against this background, the Commission will put forward initiatives to make data centres climate-neutral, highly energy efficient and sustainable by 2030. These initiatives will review and complement existing measures such as:
- The Energy Efficiency Directive
- The Directive dealing with the Waste Electrical and Electronic Equipment
- The Green Public Procurement criteria on data centres and cloud services
- The Eco-design Directive on servers and data storage products
- The Code of Conduct for energy efficiency in data centres