
These sovereign clouds generally put the root in trust with a local operator so they physically can't be compelled to release information.



What difference does that make, if the parent company is in the US and its executives can be physically compelled to send orders to the local operator?


They license the software to run the cloud; they don’t actually run it. Basically a white-labeled solution for DC software like OpenStack.

This is not a new idea and is how Azure (or AWS) always operated in China. The Azure Fabric software is licensed to DCs owned and operated by 21Vianet, a Chinese company. Microsoft has no control over what happens there.

No amount of legal[1] US pressure can make Microsoft give access to those DCs, as they don’t have it in the first place.

This is why you cannot just provision hardware in China in AWS/Azure; you have to enter into a separate contract with the Chinese operator first and comply with any government restrictions that the Chinese state may require.

[1] Illegal/unauthorized tapping is a different matter, and preventing that is not the intent of sovereign clouds.


Thanks for explaining. But it sounds like the European version will be less watertight. European customers will be able to “store sensitive data and run critical workloads on AWS infrastructure that is operated and supported by AWS employees located in and residents of the European Union (EU)” [1].

1. https://aws.amazon.com/blogs/aws/in-the-works-aws-european-s...


The operator isn't under the other company, so if they say "we need this data" they can just say no.

Now potentially they could try to trick the operator, but I'm not sure a company could be compelled to do so under US law. While there don't appear to be any relevant cases, this would fall under compelled speech (https://en.m.wikipedia.org/wiki/Compelled_speech) and it seems like it would fall on the impermissible side to me.


But somehow the money still flows to Amazon Inc in the US? I don’t get it…


It seems like they're doing it differently than they did for e.g., China.

Note that the money is simply a matter of a contract (e.g., we will hire your company, which is located in China to operate our cloud region. We'll give you X dollars, and you'll give us Y revenue).

For the Germany region, they're using a mixture of technical controls (e.g., the AWS user has to sign off on accesses in a way that's technically not circumventable (think like a phone's unlock screen or something protecting the data on the device)) and only allowing AWS employees located in the EU to operate it (presumably the goal being that employees physically located in the EU can't be compelled in the same way as those located in the US).

You can read more here https://aws.amazon.com/blogs/aws/in-the-works-aws-european-s...

For comparison, the structure in China is more like what I was describing above: https://www.amazonaws.cn/en/about-aws/china/

I'm not as familiar with it, but it looks like GCP is going with an operating company approach; see, e.g., https://cloud.google.com/t-systems-sovereign-cloud?hl=en for Germany.


Amazon licenses the technology to the other company and finances their related infrastructure, in exchange for most of the profit they make from it, or something along those lines, I would guess. It’s a contractual agreement.


Do you mean a local subsidiary, e.g. "AWS Europe" or "Microsoft Europe"? Those are included in those acts all the same. If not, what kind of local operator are you thinking that e.g. AWS will use?



