Data Protection Impact Assessment (DPIA) before deploying any new technology that is "likely to result in a high risk to the rights and freedoms of natural persons." When conducted for US hyperscaler services, these DPIAs invariably flag the CLOUD Act as a significant, often unacceptable, risk. This legal obligation is increasingly becoming the primary driver of public bodies to seek alternatives.
DPIAs are a key reason US hyperscaler services become red flagged in procurement processes.
a US tech person was against this at SEMIC, told him it's not exclusionary but rebalancing, and that no public sector entity can explain in good conscience why they buy US tech. Private sector is a diff situation, bc there the considerations are not on sovereignty but economic and autonomy related
overheden, stimuleer de vraag naar alternatieven voor de diensten van grote Amerikaanse bedrijven zoals Microsoft, Google en Amazon. Doe een percentage – bijvoorbeeld 20 of 30 procent –van de overheidsbestedingen Europees. Dan stimuleer je de vraag en gaan Europese bedrijven die producten en diensten ook ontwikkelen
public procurement is the easiest way to change things. that money is already being spent on digital, so if more of it is spend on European providers that's a helpful step.