It's a hot topic in Europe, and particularly in France with the SREN bill: how can cloud service providers be better regulated? While the government's aim is to strengthen the regulatory framework, the challenge is also to open up this sector to competition while maintaining technological independence.
Sébastien Lescop, CEO of Cloud Temple, and Philippe Latombe, Member of Parliament, are on SMART TECH to talk about this.
Offering an alternative to hyperscalers
" We've taken a big step forward with the DMA on the subject of the Cloud, and SREN has come to France to support the few blind spots that the DMA had, particularly on everything to do with cloud credit, exit fees, reversibility and transparency. "believes Philippe Latombe. The MODEM MP for the 1st constituency of the Vendée believes that tighter regulation ". will make it possible to improve market conditions and open up competition, so that French and European companies can challenge the Americans. ".
European operators are currently lagging behind in Sébastien Lescop, " The challenge is to work over the long term, building a solid industry capable of offering an alternative to hyperscalers. Funding is welcome, but we're not waiting for handouts, what we need are markets. ".
An economic issue, but also an issue of sovereignty for the countries of the European Union? " France is pushing for an obligation of extraterritorial immunity for the most sensitive data. This is not just aimed at the Americans, even though they have the vast majority of the market. "explains Philippe Latombe.
Microsoft and French people's medical data
When it comes to sensitive data such as health, the MP believes that France and the European Union should take a more protectionist approach. " In France, we have the Health Data Hub, which is currently hosted by Microsoft. It holds all the health data of our fellow citizens. This data needs to be protected. " In the long term, this could be made possible by the Cloud au centre doctrine, a set of guidelines issued by DINUM (the interministerial directorate for digital issues), which aims to require public administrations and operators to use SecNumCloud certified clouds, " which greatly reduce the attack surface "says Sébastien Lescop, whose company is certified.
The problem is that the French ecosystem is still " dotted "and even if the solutions exist and are solid, everyone is working in their own corner ". What's more, obtaining certification is a real challenge. In Cloud Temple's case, it took two and a half years of work and 7 million euros of investment. " There are only five SecNumCloud-certified operators to date... "Despite the slowness of the processes, Philippe Latombe believes that, in the end, companies will have to make the final effort, particularly on key issues such as interoperability. " The DMA and SREN require this, but the law cannot go as far as defining standards. That's where it's really up to the companies to come to an agreement to define the standards. The legislator cannot impose standards ex nihilo without prior work by the ecosystem. "