Europe’s CSPs eye national data services amid public clouds

T-Systems is the latest European communications service provider (CSPs) to announce national data services for organizations, as telcos’ legal teams grapple with tough questions around managing customer data within the cloud. T-Systems has said it is partnering with Google Cloud to build and deliver sovereign cloud services for German enterprises, the public sector and healthcare organizations, with services due to be available in 2022.for organizations. In this way, T-Systems and its customers will be able to make use of global public cloud resources while abiding by national data regulation. It follows the announcement by Orange in May of a similar national service in France, called Bleu, which Orange will develop with Cap Gemini and run on the Microsoft Azure cloud platform. Telecom Italia, meanwhile, has said it will submit an expression of interest to create a national cloud hub in Italy. Italy’s Innovation Minister, Vittorio Colao (and former CEO of Vodafone), expects to receive bids by the end of September, according to Reuters. National data services managed by CSPs are taking root in global hyperscalers’ clouds as the result of a ruling on European data in July 2020, called Schrems II. The European Court of Justice ruled that the EU-US Data Protection Shield, which allowed companies to transfer data between the US and the EU in compliance with GDPR, was invalid because of concerns around surveillance by US state and law enforcement agencies. The CLOUD Act of 2018 in the US can require US-based tech firms to provide data to Washington even if it is stored abroad. Indeed, a raft of legal questions around the use of public cloud are presenting obstacles to telcos, according to Mattias Fridström, Chief Evangelist, Telia Carrier, speaking during Telecom TV’s Removing the barriers to cloud native operations within telcos. “I think the biggest struggle we have right now is actually … on the legal side, where some of the legal people are starting to question can you put 3D everything in the cloud, what about all these rules, where are the clouds located?” says Fridström. "It's popped up as one of the new things that we're struggling with right now.”

Home is where the data is

At the same time, one of the consequences of Schrems II is that European CSPs can set out to play to their strength of being national companies with a strong track record in securely handling large amounts of data and complying with regulation.

“There are concerns around data privacy and control, heightened among other things by the CLOUD act in the United States and the Schrems II ruling at the European Union’s Court of Justice,” said a T-Systems spokesperson. “This offering seeks to allay those concerns, by providing customers with full sovereignty and transparency over their data, whilst still offering the full benefit of the public cloud.”

Orange, for example states that Bleu will meet “data transfer requirements … ensuring the full control of cloud-based applications from within an isolated infrastructure that uses data centers located in France. These data centers will therefore be strictly separated from Microsoft’s global data center infrastructure, which guarantees operational autonomy.” In Germany, Google and T-Systems will jointly develop sovereign cloud solutions and infrastructure. However, T-Systems will supervise service management and operation of the sovereign cloud. “The set-up and management of the Sovereign Cloud will be familiar to our cloud customers, with T-Systems remaining the contract partner,” according to the spokesperson. “Google Cloud will provide the technical platform and thus all the advantages of public cloud services. T-Systems will provide all sovereignty dimensions around data and operational software.” T-Systems will be in charge of encryption and identity management, for example, and will control service in such a way that data sovereignty can’t be unilaterally circumvented by any of the partners, according to T-Systems. Its customers will also be able to use its multi-cloud offering to run workloads on other clouds.

A European federated cloud

National clouds are not the only changes afoot. CSPs, including Orange and Deutsche Telekom, are also part of the European federated and secure data infrastructure initiative, Gaia-X. Gaia-X describes itself as “an open, transparent and secure digital ecosystem, where data and services can be made available, collated and shared in an environment of trust.” Both Orange and T-Systems stress their national data services will be part of the Gaia-X ecosystem, which is currently in development. Indeed, earlier this year, T-Systems CTO Maximilian Ahrens was named Chairman of the Gaia-X board of directors. “Gaia-X was not conceived as another cloud platform, rather as a network of cloud providers and users, conforming to a set of standards, in keeping with European values and regulations. We aim to make our sovereign cloud a strong pillar of the Gaia-X ecosystem,” said the T-Systems spokesperson.