German politicians are drafting a law which could impose prohibitive regulations on US companies offering services to the German government or industries of national security importance, according to the Wall Street Journal. The bill represents the latest step down a protectionist path taken by European countries concerned about data security.
Measures beneficial European hosting and web services companies, such as regulations to control the geographical location of stored data, have increased since Edward Snowden leaked information about the NSA’s PRISM program. However, efforts to protect the interests of European IT providers from the reach of the Patriot Act began even earlier, such as the certified “German cloud” proposed by Deutsche Telekom’s T-Systems in 2011.
The draft bill, which the Journal says is likely to pass in some form, may include measures requiring US companies to provide source code or other proprietary information in order to qualify for government or other IT contracts deemed sensitive.
Early in 2014, German Chancellor Angela Merkel called for a “separate European Internet” to defend the interests of European citizens and service providers. Even among countries in Europe, where concern over US spying has been widespread, Germany is considered to be particularly concerned with data sovereignty.
This concern has led Amazon to launch a “German cloud” region and Microsoft to consider opening a data center in Germany. New legislation could change those plans, however, and US companies operating in the European market already have plenty of legal considerations stemming from European Union laws, as 451 Research Director, European Services, Rory Duncan discussed with the WHIR in October.