AmCham EU issued a joint statement alongside key EU digital business organisations to express concerns over several procedural and substantial elements in the Cybersecurity Certification Scheme for Cloud Services (EUCS) currently undertaken within the European Union Agency for Cybersecurity (ENISA). While the EU's ambition to tackle global cyber threats and protect citizens, institutions and businesses through cybersecurity certifications is appreciated, the inclusion of 'digital sovereignty' requirements risks negatively impacting international and European providers of cloud computing solutions as well as organisations that use cloud and require high levels of cybersecurity assurances.
Key organisations express concerns over the Cybersecurity Certification Scheme for Cloud Services
AmCham EU issued a joint statement alongside key EU digital business organisations to express concerns over several procedural and substantial elements in the Cybersecurity Certification Scheme for Cloud Services (EUCS) currently undertaken within the European Union Agency for Cybersecurity (ENISA). While the EU's ambition to tackle global cyber threats and protect citizens, institutions and businesses through cybersecurity certifications is appreciated, the inclusion of 'digital sovereignty' requirements risks negatively impacting international and European providers of cloud computing solutions as well as organisations that use cloud and require high levels of cybersecurity assurances.
The potential inclusion of 'digital sovereignty' requirements will create complex legal compliance procedures, create obstacles to information sharing, give rise to significant entry barriers for companies and will not necessarily increase levels of cybersecurity. The EUCS discussions have been characterised by limited transparency and lack of stakeholder engagement. Moreover, the different Member States' positions on this issue might result in Single Market fragmentation, should these provisions be adopted. Thus, the signatories urge ENISA and the European Commission to inform and engage with stakeholders throughout the EUCS finalisation process to prevent it from carrying unnecessary and discriminatory requirements.
Related items
:focal())
News
13 Mar 2026
Discussing digital policy priorities with MEPs in Strasbourg
From Monday, 9 to Wednesday, 11 March 2026, AmCham EU travelled to the European Parliament in Strasbourg for a series of meetings with policymakers to discuss ongoing EU digital policy initiatives. The delegation met with members of the European Parliament, accredited parliamentary assistants and group policy advisers , to discuss priorities for the EU’s digital agenda. This includes exchanges on AI Omnibus, Digital Omnibus, Cybersecurity Act review, the Digital Networks Act and the upcoming Cloud and AI Development Act. Throughout the meetings, members emphasised the importance of urgent action to support the simplification of overlapping digital rules, strengthening cybersecurity while avoiding fragmentation in the Single Market and supporting innovation through proportionate, risk-based regulation.
:focal())
Position Paper
11 Mar 2026
Advancing EU data and cybersecurity rules through the Digital Omnibus
:focal())
Position Paper
11 Mar 2026
Supporting artificial intelligence uptake through the AI Omnibus
Policy priorities
Insights and advocacy driving Europe’s policy agenda. Our priorities support growth, innovation and a stronger transatlantic economy.
Membership
Connecting business and policymakers to strengthen the voice of American companies in Europe.