Request Demo Contact Login
Why eperi®
Use Cases
Info Hub
Partners
Inside eperi®
Request Demo
eperi® sEcure
Secure data in all cloud and web applications
eperi Logo
By Use Cases
AnyApp
Protect your data in web applications with comprehensive encryption and meet compliance requirements.
Microsoft 365
Secure your sensitive data in Microsoft 365 products against unauthorized access and ensure data protection and compliance.
SDK
Use the eperi® sEcure SDK to protect data in almost any cloud platform and open up new business potential.
By Industries
Finance
Ensure maximum data security and comply with DORA regulations with eperi® sEcure for the financial sector.
Healthcare
Protect patient data in the cloud and meet legal requirements for IT security in the healthcare sector with eperi® sEcure.
Public Sector
Secure sensitive data in public administration and meet the requirements of the NIS-2 directive with eperi® sEcure.
/ Mehr erfahren
eperi Logo
Newsroom
Stay up to date with our latest blog posts, press releases, press reports and event announcements.
References
Discover selected references for various use cases and industries.
FAQ
Our eperi® sEcure FAQ page provides detailed answers about data protection and encryption for businesses. Find out more about product specifications, compliance support and industry-specific solutions for the optimal protection of sensitive data.
/ Jetzt kostenlos downloaden
eperi Logo
Our Partners
Benefit from the eperi® Partner Network and receive comprehensive support for secure and legally compliant cloud projects.
Become a Partner
Increase your customer loyalty and differentiate yourself with our patented data protection solutions for SaaS and cloud applications.
eperi Logo
What eperi® does
What makes eperi® unique
Memberships
Find out more about our involvement in various associations and organizations
Careers
eperi® - come for the job, stay for the team
eperi Logo

Norway and Denmark warn of US clouds: when will Germany follow?

European data protection authorities sound the alarm: Find out why US clouds are a risk and how companies can protect their data.

7 min

More and more European data protection authorities are sounding the alarm. The Norwegian data protection authority (Datatilsynet) recently issued a clear recommendation: Companies should prepare a strategy on how to deal with American cloud services if data transfer to the USA is suddenly no longer permitted.

The warning from Norway comes as no surprise. A few weeks ago, the Danish Data Protection Agency (Datatilsynet) issued a similar recommendation. The basic tenor: companies should not rely on the current adequacy decision - the legal situation is far too uncertain.

What is behind the warnings?

Both Norway and Denmark see a central problem: European companies that are too closely tied to US cloud services are faced with a shambles if the legal basis suddenly ceases to apply.

If the transfer of data to the USA is abruptly stopped by a court order or regulatory decision, many companies have no alternatives. Contracts, data flows and work processes are up in the air. The consequences range from business interruptions and fines to massive reputational damage.

Will Germany follow suit?

It is very likely that the German data protection authorities (above all the Conference of Independent Federal and State Data Protection Supervisory Authorities - DSK) will also adopt this approach. In the past, German supervisory authorities have often closely followed the assessments of their European partners.

There have long been clear signals that German companies should not rely on long-term legal certainty when using US cloud services. In the past, German data protection authorities have repeatedly emphasized that the protection of personal data has top priority - even if this is inconvenient for companies.

What would that mean for German companies?

If Germany were to issue an official warning or formulate clear recommendations for action, as in Norway and Denmark, many companies would also have to act very quickly. The consequences would be serious:

  • Immediate reassessment of existing contracts with US cloud providers
  • Risk assessments for all data flows to the USA
  • Creation and implementation of plans to ensure data security
  • High time pressure, as data protection authorities set short deadlines in such cases
  • Strict checks on future cloud projects to ensure that they still meet data protection requirements

Companies that have deeply integrated their entire IT infrastructure or business-critical processes into US services would be particularly affected. An unprepared discontinuation of the adequacy decision could have a massive impact on operations and compliance.

What should companies do now?

Waiting is not an option. The clear message from Norway and Denmark is: prepare actively. German companies should take the following steps immediately:

  1. Carry out a data inventory: Where is which data stored? Which data is stored in US clouds
  2. Start risk analysis: Which data flows to the US are essential? Are there any European alternatives?
  3. Develop a data security strategy: Develop concrete plans on how to protect critical data and processes in the short term.
  4. Create true data sovereignty: Use technologies that ensure that sensitive data always remains under your own control, even when using the cloud.

eperi sEcure - the European data security add-on

With eperi sEcure, companies encrypt their sensitive data before it is uploaded to the cloud - regardless of whether it is from US or other providers. The plain text remains exclusively within the company. Even if the data is stored on servers in the USA or in an international cloud, third parties cannot access it.

Advantages of eperi sEcure:

  • Encryption before the cloud: Your data only leaves your company in encrypted form.
  • Key control: Only your company has the keys - no cloud provider, no authority.
  • Full functionality: Despite encryption, functions such as search, sorting and collaboration are retained.
  • Flexible use: Compatible with Microsoft 365, Salesforce and almost any other (including hybrid) cloud environment.

Conclusion: precaution instead of emergency plan

The warnings from Norway and Denmark are a clear signal. German companies should not wait until official warnings are issued here too. Those who make themselves independent today and create genuine data sovereignty are prepared for all eventualities.

Act now - request your personal demo of eperi sEcure and experience how real European data sovereignty works.

The importance of data encryption in the digital age

How secure is your sensitive data? Cyberattacks and new regulations pose major challenges for companies. Our new white paper shows how you can protect your data with effective encryption strategies, meet compliance requirements such as GDPR and NIS2 and close security gaps.

Get practical recommendations, strategic insights and a checklist to take your data strategy to the next level.

Download now for free