Comment

Privacy Shield: ownCloud welcomes ECJ ruling

Bye, Privacy Shield: The ECJ today declared the data transfer agreement between the EU and the USA invalid. This means that organizations are no longer allowed to store the personal data of EU citizens with US cloud providers.

By ownCloud

ownCloud, specialist for digital collaboration, strongly welcomes today’s decision of the European Court of Justice regarding the EU-US Privacy Shield, which declares the transfer of personal data to American public cloud services such as Microsoft OneDrive, Google Drive, Dropbox or Box.com to be illegal.

With the ruling, European alternatives such as the Gaia-X cloud project and open source-based content collaboration, enterprise file sync and file share solutions such as ownCloud will gain further prominence.

Today’s ECJ ruling contains a clear instruction to all companies, authorities and organizations: With immediate effect the so-called EU-US Privacy Shield may no longer be used to justify the transfer of personal data to the United States. The standard contractual clauses of the European Union can be used as a basis, but it must be checked in each case whether the high level of data protection in the EU is being maintained. This check lies in the responsibility of the respective company claiming data sovereignty. In practice, however, this verification will either not be possible at all or it will at the latest fail due to the legal situation in the United States. As long as access through authorities via the US Cloud Act cannot be prevented, the ruling also affects all cloud services of US parent companies – regardless of whether the data center is located in Germany or another country.

“The usefulness of American public cloud services for European companies and public authorities will be severely restricted from today on.”

“Today’s ECJ ruling poses a major problem for American cloud storage services such as Microsoft OneDrive, Google Drive or Dropbox,” says Tobias Gerlinger, CEO and Managing Director of ownCloud. “In the end, it means that the storage of personal data of EU citizens in these clouds violates EU law, i.e. the GDPR, and thus threatens severe penalties. As a result, the usefulness of these services for European companies and public authorities will be severely restricted from today on.”

Read the Courts’ press release
Read the Ruling in full

ownCloud

July 16, 2020

Ready to see what’s next?

Having trouble viewing or submitting this form?

Contact Us

We care about protecting your data. Here’s our Privacy Policy.

Read now:

This is how we would shape Gaia-X

This is how we would shape Gaia-X

The planned European Cloud stack Gaia-X inspires dreams of digital sovereignty. Christian Schmitz, our Chief Strategy and Innovation Officer, contributes a few policy ideas.

read more