The European Commission intends to act as a strong geopolitical player at next week’s EU-China video meeting. But to do so, Europe must extend its ‘digital sovereignty’, also with regards to China. EURACTIV Germany reports.
‘Strategic autonomy’ is a buzzword that has been ringing through the halls of the Brussels institutions for months. In plain English, Europe no longer wants to be the pawn of major powers, passively dwelling under the military wing of the Americans or idly watching China’s growth.
Jean-Claude Juncker’s “political” Commission was followed by Ursula von der Leyen’s “geopolitical” one, which now intends to actively shape the global order.
Although this kind of autonomy has many facets, one of the most important ones is the so-called “digital sovereignty”, Eric Maurice, the manager of the Brussels office of the Robert Schuman Foundation, told EURACTIV Germany, noting that “the digital world touches all aspects of our daily lives”.
If Europe wants to become more autonomous, it must gain control of those technologies that play an increasingly important role in the lives of its citizens, he added.
In concrete terms, this means Europe should know who controls these technologies and ensure that their use is compatible with the values and objectives of the Union, Maurice said.
US ‘Cloud Act’: a threat to EU data
For now, however, this is not yet the case.
For example, most EU citizens store their data with US cloud providers like Amazon or Google – because there are hardly any European alternatives. This is problematic because US secret services can access this data under the so-called “Cloud Act”.
For this reason, the European Court of Justice overturned in July the so-called “Privacy Shield” agreement, which allowed data transfers between European and US companies, but without providing the legal protection in the US that users enjoy in Europe.
Because this data could be tapped by US authorities without EU citizens being able to take effective action against it, the Court declared it invalid. The matter is now being renegotiated.
For Maurice, this was a step towards digital sovereignty because the EU had stood up for its values and the rights of its citizens.
This was also seen as a positive step by Alexander Rabe, managing director of eco, Germany’s Association of the Internet Industry.
However, Rabe would have preferred it if European alternatives to the US providers had been available at the time of the judgement to allow users to make the switch. “With this ruling, we have taken the second step before the first”, Rabe told EURACTIV Germany.
Chinese 5G providers: Fear of state influence
Such an alternative is in the works, however. Gaia X, a Franco-German project, is to produce cloud services according to European standards next year.
It is a platform where customers can find providers that meet certain criteria – such as compliance with the General Data Protection Regulation (GDPR). US companies are also welcome to participate, as long as they also comply with these standards. Countries from outside the EU, however, will have limited voting and cannot become members of the board.
For Rabe, this is an example of how Europe can extend its digital sovereignty: Through clear sets of criteria which companies must meet in order to be allowed to enter the internal market, which, according to Rabe, they will as the market is highly attractive. “Once you are here, you will have loyal customers who will buy,” he added.
As a positive example, he cites the German security catalogue for 5G providers. For months now, the whole of Europe has been discussing whether to commission Chinese producers like Huawei to equip Europe with 5G technology.
This new mobile phone standard promises top Internet speeds and is essential for innovations such as autonomous cars. Chinese companies offer high quality at a low price – but there is a concern that the Chinese government could influence Huawei to monitor or even shut down critical infrastructure whenever it wants.
The US is cracking down on Huawei, sanctioning the company and demanding Europe to do the same. But Brussels left the decision to the states. Spain hired Huawei, the Czech Republic decided not to.
Germany took the middle way, welcoming all companies as long as they adhere to a catalogue of safety criteria. For example, suppliers have to give a declaration of confidence that no information will reach “foreign authorities” and that they can refuse to “disclose confidential information from or about their customers to third parties”.
Even if this catalogue is not perfect, Rabe believes it is the right approach for Europe. Maurice also stresses that “we must choose our own standards, according to our values”, in data protection as well as in artificial intelligence.
At the EU-China summit on Monday, an investment agreement is on the table, among other things. This is also about digital sovereignty: if European companies operate in China, there is a risk of forced technology transfer, where their innovations end up in Chinese hands, according to Maurice.
The same is true for Chinese players investing in Europe. Rabe also emphasised that Brussels must “verbalise Europe’s requirements for values and technologies clearly and openly” and “make it clear” to Beijing “that this market is open – but in a framework that for us is not negotiable”.
[Edited by Zoran Radosavljevic/Samuel Stolton]