ownCloud, specialist for digital collaboration, strongly welcomes today’s decision of the European Court of Justice regarding the EU-US Privacy Shield, which declares the transfer of personal data to American public cloud services such as Microsoft OneDrive, Google Drive, Dropbox or Box.com to be illegal.
With the ruling, European alternatives such as the Gaia-X cloud project and open source-based content collaboration, enterprise file sync and file share solutions such as ownCloud will gain further prominence.
Today’s ECJ ruling contains a clear instruction to all companies, authorities and organizations: With immediate effect the so-called EU-US Privacy Shield may no longer be used to justify the transfer of personal data to the United States. The standard contractual clauses of the European Union can be used as a basis, but it must be checked in each case whether the high level of data protection in the EU is being maintained. This check lies in the responsibility of the respective company claiming data sovereignty. In practice, however, this verification will either not be possible at all or it will at the latest fail due to the legal situation in the United States. As long as access through authorities via the US Cloud Act cannot be prevented, the ruling also affects all cloud services of US parent companies – regardless of whether the data center is located in Germany or another country.
“The usefulness of American public cloud services for European companies and public authorities will be severely restricted from today on.”
“Today’s ECJ ruling poses a major problem for American cloud storage services such as Microsoft OneDrive, Google Drive or Dropbox,” says Tobias Gerlinger, CEO and Managing Director of ownCloud. “In the end, it means that the storage of personal data of EU citizens in these clouds violates EU law, i.e. the GDPR, and thus threatens severe penalties. As a result, the usefulness of these services for European companies and public authorities will be severely restricted from today on.”
