Business groups warn of sovereignty requirement in draft EU cloud cybersecurity regulation

The latest draft European Union cybersecurity certification scheme for cloud services contains “politically motivated” sovereignty requirements, including data localization provisions that major international business groups say will create barriers for entry for non-EU companies as well as EU companies with global operations.

The business groups, centered in the U.S. and the EU as well as Japan and elsewhere, this week hinted the regulations also could violate the bloc’s World Trade Organization commitments, Inside U.S. Trade reported.

The certification scheme is...