Legislative Observatory
European Parliament
Please fill in this field to find a procedure

Unleashing the potential of cloud computing in Europe

2013/2063(INI)

PURPOSE : to unleash the Potential of Cloud Computing in Europe.

BACKGROUND : ‘Cloud computing’ can be understood as the storing, processing and use of data on remotely located computers accessed over the internet. This means that users can command almost unlimited computing power on demand, that they do not have to make major capital investments to fulfil their needs and that they can get to their data from anywhere with an internet connection. Cloud computing has the potential to slash users' IT expenditure and to enable many new services to be developed.

Like the web, cloud computing is a technological development that has been ongoing for some time and will continue to develop. Unlike the web, cloud computing is still at a comparatively early stage, giving Europe a chance to act to ensure being at the forefront of its further development and to benefit on both demand and supply side through wide-spread cloud use and cloud provision.

Fragmentation of the digital single market due to differing national legal frameworks and uncertainties over applicable law, digital content and data location ranked highest amongst the concerns of potential cloud computing adopters and providers.

The Commission therefore aims at enabling and facilitating faster adoption of cloud computing throughout all sectors of the economy which can cut ICT costs, and when combined with new digital business practices, can boost productivity, growth and jobs.

In a preparatory study undertaken for the Commission, it is estimated that the public cloud would generate €250 billion in GDP in 2020 with cloud-friendly policies in place against €88 billion in the "no intervention" scenario, leading to extra cumulative impacts from 2015 to 2020 of €600 billion. This translates into the creation of 2.5 million extra jobs.

CONTENT : on the basis of an analysis of the overall policy, regulatory and technology landscapes and a wide consultation of stakeholders, undertaken to identify what needs to be done to achieve that goal, this document sets out the most important and urgent additional actions. It delivers one of the main actions foreseen in the Communication on e-Commerce and online services.

This strategy does not foresee the building of a "European Super-Cloud". However, one of the aims is to have publicly available cloud offerings ("public cloud") that meet European standards not only in regulatory terms but in terms of being competitive, open and secure.

Completing the Digital Single Market by moving as rapidly as possible to adoption and implementation of the Digital Agenda proposals that are on the table is the essential first step

towards making Europe cloud-friendly. These actions concern : Digital Agenda Actions "opening-up access to content" ; Digital Agenda Actions to "Make Online and Cross-Border Transactions Straightforward ; Digital Agenda Actions on Building Digital Confidence. But to move up a notch to become cloud-active, a climate of certainty and trust must be further developed so as to stimulate the active adoption of cloud computing in Europe.

To deliver on these goals therefore the European Commission will launch three cloud-specific actions:

Key Action 1 – Cutting through the Jungle of Standards.

Currently, individual vendors have an incentive to fight for dominance by locking in their customers, inhibiting standardised, industry-wide approaches. Despite numerous standardisation efforts, mostly led by suppliers, clouds may develop in a way that lacks interoperability, data portability and reversibility, all crucial for the avoidance of lock-in.

The Commission will:

  • promote trusted and reliable cloud offerings by tasking ETSI to coordinate with stakeholders in a transparent and open way to identify by 2013 a detailed map of the necessary standards (inter alia for security, interoperability, data portability and reversibility);
  • enhance trust in cloud computing services by recognising at EU-level technical specifications in the field of information and communication technologies for the protection of personal information in accordance with the new Regulation on European Standardisation;
  • work with the support of ENISA and other relevant bodies to assist the development of EU-wide voluntary certification schemes in the area of cloud computing (including as regards data protection) and establish a list of such schemes by 2014.

Key Action 2: Safe and Fair Contract Terms and Conditions.

Traditional IT outsourcing arrangements were typically negotiated and related to data storage, processing facilities and services defined and described in detail and up-front. Cloud computing contracts, on the other hand, essentially create a framework in which the user has access to infinitely scalable and flexible IT capabilities according to his needs. However, currently the greater flexibility of cloud computing as compared to traditional outsourcing is often counterbalanced by reduced certainty for the customer due to insufficiently specific and balanced contracts with cloud providers. The Commission will by end 2013:

  • develop with stakeholders model terms for cloud computing service level agreements for contracts between cloud providers and professional cloud users, taking into account the developing EU acquis in this field;
  • propose to consumers and small firms European model contract terms and conditions for those issues that fall within the Common European Sales Law proposal. The aim is to standardise key contract terms and conditions, providing best practice contract terms for cloud services on aspects related with the supply of "digital content";
  • reviewing standard contractual clauses applicable to transfer of personal data to third countries and adapting them, as needed, to cloud services;
  • work with industry to agree a code of conduct for cloud computing providers to support a uniform application of data protection rules.

Key Action 3 – Promoting Common Public Sector Leadership through a European Cloud Partnership.

The public sector has a strong role to play in shaping the cloud computing market. As the EU's largest buyer of IT services, it can set stringent requirements for features, performance, security, interoperability and data portability and compliance with technical requirements. Several Member States have started national initiatives such as Andromede in France, G-Cloud in the UK and Trusted Cloud in Germany. But with the public sector market fragmented, its requirements have little impact, services integration is low and citizens do not get the best value for money.

The Commission considers that pooling public requirements could bring higher efficiency and common sectoral requirements (e.g. eHealth, social care, assisted living, and eGovernment services such as open data) would reduce costs and enable interoperability. The private sector would also benefit from higher quality services.

This year, the Commission is therefore setting up a European Cloud Partnership (ECP) to provide an umbrella for comparable initiatives at Member State level. The ECP will bring together industry expertise and public sector users to work on common procurement requirements for cloud computing in an open and fully transparent way.

The Commission will also build on its on-going international dialogues with the USA, India, Japan and other countries, as regards, inter alia, key themes related to cloud services, such as data protection; coordination of data security at the global level; cybersecurity, liability of intermediary service providers; standards and interoperability requirements; application of the tax law to cloud services.

Follow-up : the Commission will by the end of 2013 report on the progress on the full set of actions in this Strategy and present further policy and legislative proposals initiatives as needed.