Mid July, the European Court of Justice struck down the Privacy Shield agreement between the EU and the US. The court ruled US law incompatible with EU privacy regulations, as US government agencies have access to data of EU citizens managed or stored by US firms. This violates the Charter of Fundamental Rights of the European Union and the GDPR.
In essence the ruling means that US companies can not handle data in compliance with the GDPR. European data centers or Standard Contractual Clauses (SCCs) are no solution, as access to data already defines a data transfer and US law supersedes contract law. The only legal solution to regain compliance with EU law is to immediately stop data transfers to the US businesses and repatriate data currently residing with them (source)
The European Court of Justice ruled that the US government infringes on the data protection rights of EU citizens and thus invalidated Privacy Shield, the agreement covering data transfers between the EU and the US. Either the US will have to change its laws (FISA and Executive order 12333 in particular) and keep its security agencies and courts from snooping in data of EU citizens, or the EU will have to change its laws and reduce it’s legal security and privacy guarantees.
As US firms can no longer comply with the GDPR, businesses in Europe have to immediately stop giving US businesses access to personal data of EU citizens. Cloud services like Google services, Dropbox or Microsoft365 can no longer be used for personal data. On premises solutions from US firms can still be used, as can purely EU hosted and managed cloud platforms.
To ensure compliance with EU privacy laws, European firms should stop data transfers to the US and thus move to on premise or EU hosted alternatives. For example, Mirosoft Office Online Server can still be used, as can alternatives like Collabora Online or ONLYOFFICE. For full online productivity, solutions like IONOS‘ Nextcloud offering can easily guarantee GDPR compliance by using Europe’s largest hosting provider with worlds‘ most deployed on premise collaboration platform.
To learn more about the ruling, we recommend the FAQ of the European Data Protection Board.
Nextcloud Hub 25 Autumn erleichtert Ihnen den Einstieg in eine leistungsstarke Zusammenarbeit, während Sie die vollständige Kontrolle über Ihre Daten behalten. Von globalen Design-Updates bis hin zu verbesserter Benutzerfreundlichkeit und Leistung – entdecken Sie unsere neueste Version in diesem Blog.
Mehr lesen
Anfang 2025 begannen US-Hyperscaler, in einer großen PR-Kampagne neue „souveräne Cloud“-Angebote in Europa zu bewerben. In den letzten Wochen ist ihr Narrativ jedoch in sich zusammengebrochen. Es sind nicht die Kritiker, die die Widersprüche aufdecken – die Technologieunternehmen selbst haben zugegeben, dass ihre „souveränen” Versprechen heiße Luft sind.
Mehr lesen
Nextcloud ist die erste Cloud-Plattform, die mit dem Umweltzeichen „Blauer Engel“ ausgezeichnet wurde und damit beweist, dass eine digital souveräne und grüne IT möglich ist.
Mehr lesen
Unternehmen, ob klein oder groß, brauchen eine Möglichkeit, die Ausfallsicherheit und digitale Souveränität ihrer Abläufe zu gewährleisten - eine Open-Source-Alternative zu Teams, die die Privatsphäre respektiert. Und heute stellen wir diese Lösung vor - Nextcloud Talk.
Mehr lesen
Bechtle und Nextcloud kündigen heute eine vollständig verwaltete Kollaborationsplattform für den öffentlichen Sektor an, die keiner Ausschreibung bedarf und sofort bereitgestellt werden kann.
Mehr lesen
Our mission is to help individuals, businesses and organizations achieve digital sovereignty and regain control over their data. Nextcloud Hub 5 marks a massive step forward towards achieving this mission, putting the power of AI into your hands – in a way that keeps you in control. New release, new possibilities Hub 5 builds on […]
Mehr lesen
Plan your day while staying in control of your data. Use the power and convenience of modern online scheduling tools, hosted on your terms, with Nextcloud Calendar
Mehr lesen
We have decided to withdraw the complaint against Microsoft with the European Commission’s Directorate-General for Competition, given the lack of interest from the European Commission, lengthy process and costs on our side.
Mehr lesen
Nextcloud joins dozens of European technology companies and the European Digital SME Alliance in urging the EU member states to reject CSA Regulation also known as the “Chat Control“ law.
Mehr lesen
