Encryption as an alternative
That is the big question that technology companies are trying to answer. And it is that, as we have learned in recent months, the idea of the European Union is that the data collected by large American companies or those of other countries on European citizens, they must stay here. Google is trying to convince the commission that perhaps it is not necessary to guarantee the storage of data in one specific place or another.
The ones from Mountain View have opted for encryption as a key aspect in order to maintain that data sovereignty, but without actually ensuring that data will not be stored on US soil. Basically what Google proposes is that the data encryption that it already uses in Google Workspace and that are based on the latest standards, can be a way to comply with the new rules imposed by the EU.
Specifically, they ensure that in this way Google will never have access to the data, since the decryption keys will only be available on the users’ devices, and only they will be able to access them thanks to that encryption. This, that of encryption, is one of the requirements requested by the European Union to limit data sovereignty. But by itself it is not enough.
But what about the data, where is it stored?
From the European Union they are not very convinced of the explanations that Google gives to shield this data sovereignty. Because what the regulators are concerned about is basically that this data, even if it is encrypted, and the encryption keys are safe on their devices, the data would continue to be stored on US soil.
Therefore, it is not very clear how this can help to respect the sovereignty of this data, if in fact it is stored in the United States. However, Google is implementing a new functionality that will be fully operational at the end of 2023, and that is already available in some of its programs. with her the customers will be able to choose the location of data at restwhen they are not moving, being able to choose in this case the European region.
So it seems that although they are insufficient, Google’s movements by ensure data sovereignty should be really useful for this work throughout the coming year. Logically, it will not be the only technology that will have to adapt to these requirements, with the aim of protecting the data of European citizens, since these are currently stored on servers around the world.