Google strengthens ‘sovereign cloud’ offerings to reassure European customers

Google follows Microsoft in taking measures to prevent cloud customers from becoming trade war casualties

Google is the latest cloud giant to reinforce its sovereign cloud credentials in a bid reassure Europeans concerned about US interference.

Google has beefed-up its ‘sovereign cloud’ services in a bid to assuage customers concerned that the Trump administration in Washington could interfere in cloud services run by US providers.

These measures include a Google Cloud Data Boundary enabling customers to dictate where their content is stored and processed.

“This boundary also allows customers to store and manage their encryption keys outside Google’s infrastructure, which can help customers meet their specific data access and control requirements no matter what market,” wrote Hayete Gallot, president of customer experience, Google Cloud, in a blog posting explaining the policy changes.

Moreover, customers using “a large set of Google Cloud products”, including AI services can enable a series of capabilities including Confidential Computing and External Key Management to control access to their data and deny access for any reason.

Users of Google Workspace will also gain the ability to choose between either the US or EU for the processing of their content and can choose a country for data storage using client-side encryption to prevent any undesired access – whether from any government or Google.

It’s not clear how such a policy would work in the UK, should the government press ahead with demands for encryption backdoors.

Google Cloud Air-Gapped, meanwhile, “offers a fully standalone and air-gapped solution that does not require connectivity to an external network. This solution is tailored for customers in the intelligence, defence, and other sectors with strict data security and residency requirements”, added Gallot.

He added: “It is built with open-source components and comes with a targeted set of AI, database, and infrastructure services.”

Like Microsoft, Google also offers its cloud services via third-parties to meet national requirements. For example, it has worked with France’s Thales to build a Trusted Cloud offering by Thales subsidiary S3NS , to meet local sovereignty demands in Europe, which bundles Thales’ cyber security offerings into the package.

Google is not the first or only company to take action to defend its sovereign cloud offerings. In April, Microsoft vice president Brad Smith vowed to sue should Azure be targeted in any of the US government’s trade wars.

“In the unlikely event we are ever ordered by any government anywhere in the world to suspend or cease cloud operations in Europe… Microsoft will promptly and vigorously contest such a measure using all legal avenues available,” said Smith told customers at an event in Brussels.

The company, he said, had taken multiple measures to put its cloud offerings in Europe legally beyond the reach of the US government, including a legally binding European Digital Resilience Commitment.

That came less than a year after Microsoft had admitted that it couldn’t guarantee that UK policing data stored in Azure would remain in the UK.

SAP, too, has launched its own sovereign cloud offerings to address data security concerns, and smaller cloud companies are stepping up sovereignty focused marketing.