EU, as a US citizen, go all in and ditch the US as much as you can. Not only will this bring competition, it also means that the US Government cannot grab the balls of Amazon and squeeze the EU market.
I wouldn't trust Amazon with my data if I was an EU citizen. As a US citizen I don't even trust Amazon with my own data. This is why I support de-Google, de-Microsoft, and de-Apple computing.
They’ve been planning this for a while. These datacentres and organisations don’t spring up overnight, especially at this scale.
I know at least one major European bank made it a requirement upon AWS to provide essentially this service. I believe back around 2020 or maybe a bit earlier.
> Two market investigations will assess whether Amazon and Microsoft should be designated as gatekeepers for their cloud computing services, Amazon Web Services and Microsoft Azure, under the DMA, in other words whether they act as important gateways between businesses and consumers, despite not meeting the DMA gatekeeper thresholds for size, user number and market position.
If Amazon is down in the US, would this work? The fact that they mention “any Amazon customer can access this” makes me think it’s intermingled / not cleanly separated and isolated from US infrastructure
> We’re gradually transitioning the AWS European Sovereign Cloud to be operated exclusively by EU citizens located in the EU. During this transition period, we will continue to work with a blended team of EU residents and EU citizens located in the EU.
I find it fascinating that the goal is to staff this exclusively with EU citizens, thereby excluding non-citizen residents of the EU.
Since it is a US company, it is still subject to cloud act, US intelligence full access, and Trumps ability to ignore any and all laws and contracts.
Microsoft execs, who have similar offerings, have confirmed this under oath.
So either this is a valiant attempt by AWS that is ultimately misguided, or it is an attempt to capture customers without even a hint of legal expertise.
AWS, Azure and GC stand to lose all EU customers in the next years. They simply must, given that no data with them is secure from Trump’s admin or industrial espionage.
This does not help that
I'm using OVH Cloud for a customer. There's a bit of uncertainty about the CLOUD Act. As OVH has a US subsidiary, they are still doing business in the US and I have seen claims that this makes also their EU offering susceptible to the CLOUD Act. Does anyone know more details?
Fundamentally, Amazon will not promise you they will break the law. They are subject to US regulations as well as German ones (in this case). If these regulations demand your data be accessed or removed or keys compromised, it will happen. Not because of US, Germany or Amazon but because that’s how jurisdictions work. Beaides, there is no reasonably feasible method for learning what these regulations actually say on a given day, a lot of it is in bylaws and you just can’t keep track of all ministerial orders of all the applicable jurisdictions. Amazon does have an algorithm to determine course of action in case of compliance conflict, but they will not publish it for obvious reasons.
The real question is whether AWS European Sovereign Cloud IAM data is still hosted in us-east-1 with zero HA. Because this is exactly the case right now if you start any workloads in the Dublin region, for example.
If the IAM in us-east-1 goes down, every non-public object or workload that needs any kind of AWS authentication will fail immediately. That is: world-readable S3 buckets are fine, but your RDS database is most likely inaccessible.
This should be a wake-up call to a lot of SaaS companies.
It's becoming fairly clear that keeping app data purely server-side is no longer viable for customers with data sovereignty requirements.
Having a toggle button saying 'Keep my data in Europe' won't be enough either if local-first apps can actually guarantee data location, and allow users to specify which API endpoints they use.
With network monitoring verifying application behavior, privacy reduces to OS-level security.
20 comments
[ 113 ms ] story [ 1243 ms ] threadI wouldn't trust Amazon with my data if I was an EU citizen. As a US citizen I don't even trust Amazon with my own data. This is why I support de-Google, de-Microsoft, and de-Apple computing.
I know at least one major European bank made it a requirement upon AWS to provide essentially this service. I believe back around 2020 or maybe a bit earlier.
Appears to be in Massen: https://www.lr-online.de/lausitz/finsterwalde/investition-in...
> Two market investigations will assess whether Amazon and Microsoft should be designated as gatekeepers for their cloud computing services, Amazon Web Services and Microsoft Azure, under the DMA, in other words whether they act as important gateways between businesses and consumers, despite not meeting the DMA gatekeeper thresholds for size, user number and market position.
I find it fascinating that the goal is to staff this exclusively with EU citizens, thereby excluding non-citizen residents of the EU.
Seems like a lot of work to still have data that can be exfiltrated by the US.
Since it is a US company, it is still subject to cloud act, US intelligence full access, and Trumps ability to ignore any and all laws and contracts. Microsoft execs, who have similar offerings, have confirmed this under oath.
So either this is a valiant attempt by AWS that is ultimately misguided, or it is an attempt to capture customers without even a hint of legal expertise.
AWS, Azure and GC stand to lose all EU customers in the next years. They simply must, given that no data with them is secure from Trump’s admin or industrial espionage. This does not help that
Jeff says it’s made from the finest vegan cows. “It’s not a trick or a word game, trust me! Oh god I really want those euros.”
If the IAM in us-east-1 goes down, every non-public object or workload that needs any kind of AWS authentication will fail immediately. That is: world-readable S3 buckets are fine, but your RDS database is most likely inaccessible.
It's becoming fairly clear that keeping app data purely server-side is no longer viable for customers with data sovereignty requirements.
Having a toggle button saying 'Keep my data in Europe' won't be enough either if local-first apps can actually guarantee data location, and allow users to specify which API endpoints they use.
With network monitoring verifying application behavior, privacy reduces to OS-level security.