Two days before the beginning of its widely-awaited AWS re:Invent conference, Amazon has published something called the “Digital Sovereignty Pledge” that reveals how the firm plans to comply with an evolving regulatory environment.
“We’ve always believed that for the cloud to realize its full potential it would be essential that customers have control over their data”, writes Matt Garman, Amazon’s Senior VP of AWS Sales.
What is Data Sovereignty and What is Amazon Doing to Foster It?
Data sovereignty refers to how much control customers have over the personal information that servers, websites, corporations, and governments have stored as a result of their visits and interactions with their software.
Governments have started to push companies to be more transparent with how they handle this data and regulations across the world are starting to demand that cloud services providers and websites provide customers with the alternative to limit the extent to which they would like to make their data available.
In response to these changes, Amazon (AMZN) is outlining four principles that embody the company’s commitment to allow customers to “control the location and movement of their data”.
To achieve this, Amazon’s AWS service must work alongside its direct customers – the websites, applications, and corporations that they serve – to provide them with the best solutions so they can guarantee that customer data can be efficiently handled.
Amazon is concerned that customers – not users – are facing significant challenges to comply with new regulations as the complexity of the requirements demands more advanced data management solutions.
“We pledge to expand on these [data protection] capabilities to allow customers around the world to meet their digital sovereignty requirements without compromising on the capabilities, performance, innovation, and scale of the AWS Cloud”, the statement reads
Even though Amazon did not provide specifics on the products or services they will be rolling out to help their customers achieve this goal, they could be preparing to make some formal presentations during the re:Invent event.
Amazon’s push for digital sovereignty is not just a matter of being a more privacy-conscious enterprise. It is also a corporate action that aims to mitigate the threat that local data centers and cloud service providers pose to its business as these companies could become the go-to choice for businesses that want to easily comply with data management regulations in their respective domiciles.
AWS’s Control Tower – A Glimpse of What is Coming
In 2021, AWS introduced a solution called Control Tower that allowed its customers to establish governance rules for multi-account AWS environments to ensure that they all adhere to the organization’s best practices.
In addition, the solution allowed customers to have more control over the geographical location of their data – a key variable that regulators are increasingly focusing on to demand further transparency.
Some of the arguments that legislators have cited to push for more in-depth regulations for cloud service providers is that customers’ data could be in danger if it is stored at locations that can be accessed by foreign governments or bad actors.
The four principles outlined by Amazon’s AWS and set forth as the company’s ambitious “roadmap” to foster data sovereignty involve:
- Giving customers more control over the location of their data: one example of the company’s efforts on this front is seen in Europe, where customers can choose to locate their data in eight different regions.
- Enhanced protective measures to prevent unauthorized access to customers’ data: through initiatives such as the Amazon Elastic Compute Cloud (Amazon EC2), the company aims to protect customers’ data from being accessed by unauthorized parties by creating a “strong physical logical security boundary”.
- Supporting data encryption: AWS already allows customers to encrypt their data. However, they will be rolling out new features to facilitate the process of encrypting.
- Protecting data from force majeure events: Amazon aims to create “Availability Zones (AZs)” to provide customers with the alternative of choosing between different locations to store their data so they can comply with local regulations.
Other Related Articles: