German firms IONOS, Nextcloud team up to offer data sovereignty – iTWire
Germany’s biggest cloud and hosting provider IONOS has teamed up with open source collaboration platform provider Nextcloud to offer users sovereignty over their data.
A statement from the two companies said any company which used the services of the pair would be safe from having their data accessed by a third party, something that has been made possible by the US CLOUD Act.
“Data sovereignty is an essential requirement for many customers when using cloud services to protect trade secrets,” Nextcloud chief executive Frank Karlitschek said. “This applies to customers from the public sector as well as the private sector.”
IONOS chief executive Achim Weiß said protection of data this way was possible as the two companies operated under German law.
“As German providers, IONOS and Nextcloud guarantee their users the sovereignty over their data – we rule out access by third parties as permitted by the US CLOUD Act,” he said. “Our co-operation therefore gives Nextcloud customers the legal security they need.”
The CLOUD Act was passed in 2018 to overcome an obstacle faced by the FBI in obtaining data which Microsoft had stored in Ireland. The agency said the data was related to a drug-trafficking case.
At the time when the Act was passed, the Electronic Frontier Foundation, an American organisation that fights for digital rights, outlined the following scenario as one that could eventuate under the legislation:
“London investigators want the private Slack messages of a Londoner they suspect of bank fraud. The London police could go directly to Slack, a US company, to request and collect those messages.
“The London police would not necessarily need prior judicial review for this request. The London police would not be required to notify US law enforcement about this request. The London police would not need a probable cause warrant for this collection.
“Predictably, in this request, the London police might also collect Slack messages written by US persons communicating with the Londoner suspected of bank fraud. Those messages could be read, stored, and potentially shared, all without the US person knowing about it.
“Those messages, if shared with US law enforcement, could be used to criminally charge the US person in a US court, even though a warrant was never issued.”
Karlitschek and Weiß said another point of difference between the companies they headed and US firms was that the two German entities used open source software. “The consistent use of open standards ensures transparency,” said Weiß.
“Anyone can view the code at any time, check it for security gaps and change it if necessary. Moreover, only on an open source basis is it easy to link data and applications with other systems.”
They said that in coming months, they would try to increase awareness of the issue of sovereignty.
“Many companies and government agencies are putting much of their data in the hands of cloud providers from the US. Nextcloud and IONOS want to work together to raise awareness of the fact that sensitive data, in particular, is better off with European providers,” said Weiß.