blog

Public-sector digitalization doesn't hinge on the IT Operations Inquiry

Fredric Wallsten

Fredric Wallsten

CEO, Safespring

This text is automatically translated for your convenience. You can read the text in:

English Swedish (original) Give feedback
.

The government and the IT Operations Inquiry seem to believe that American cloud services are the only ones available, write four representatives of Sweden’s cloud industry, urging the government to create conditions for domestic and European development in the cloud services domain.

This article was written together with City Network, Binero, and Elastx.

The IT Operations Inquiry does not really present many new ideas, apart from proposing that the Public Access to Information and Secrecy Act be relaxed to give agencies greater autonomy regarding outsourcing operations and using cloud services. However, the inquiry maintains that it is still incompatible with the General Data Protection Regulation (GDPR) to transfer personal data to a so‑called third country lacking adequate legal privacy protections—something the Court of Justice of the EU has already established.

Our view is that the inquiry’s starting point, when outlining the situation and the options available, unfortunately takes a one‑sided perspective and only covers the use of non‑European cloud services. This is happening even as substantial work is underway across the rest of Europe to build a stable and legally sound European cloud infrastructure.

This one‑sided thinking in Sweden about the use of cloud services in the public sector is manifested not least in Niklas Flyborg’s op‑ed, where he too considers American cloud services the holy grail. Flyborg claims that, in his view, it has always been possible to use cloud services in third countries. He concludes that the inquiry supports this: “Therefore, it is positive that a government report, ‘Secure and Cost‑Effective IT Operations – Legal Conditions for Outsourcing (SOU 2021:1)’, now supports that view.”

Apart from these entirely incorrect claims by Niklas Flyborg, we agree with him on the essentials regarding the need for digitalization. The use of cloud services and the ability to outsource IT operations are central issues for all organizations in the digital age, and the public sector should of course not be exempt. A high degree of digitalization increases access to public and municipal services, which in the long run also contributes to a more democratic and equal society. But unfortunately, Flyborg’s premise reflects the prevailing notion held by the government and the inquiry as well—namely, that American cloud services are the only ones available, and that if the public sector cannot use them, development will grind to a halt.

But the digitalization of the public sector does not stand or fall with the ability to use a handful of non‑European services—Europe already has plenty of cloud services that are in use without breaching the GDPR. Across Europe, there is intensive work in this area, with the German and French governments having launched the development of a common open standard for cloud services—Gaia‑X. Meanwhile, the Swedish government remains on the sidelines, trying instead to determine whether it is legal to use non‑European alternatives.

A stickler for procedure might, of course, ask whether these points—which we have repeated many times—are just unnecessary legal hair‑splitting and a lack of pragmatism. We believe that the issue of privacy and the protection of citizens’ personal data is not something to compromise on, especially now, with a very uncertain political climate in many parts of the world. It is against this backdrop that the Court of Justice of the European Union holds that transferring personal data to countries outside the EU should not be possible. It is easy to talk only about American services, but in this context “third countries” would also include, for example, China or Russia. And recently we have also witnessed the foundations of American democracy being shaken.

So once again we urge the government and the inquiry to broaden their view of cloud services and create conditions for domestic and European development in the cloud services field. Take an active part in ongoing development projects, and encourage and inform stakeholders that there are already alternatives that are fully lawful to use, offering full capability and a high level of innovation for digitalization. The digital infrastructure now being built for the public sector is something that will also serve future generations, so it is best to make it as legally robust and privacy‑secure as possible.

Safespring offers flexible and high-performance cloud infrastructure services.

Our Nordic solution provides you with the confidence that you can meet legal and regulatory requirements, such as GDPR, with ease.

Optimize your service with:

Watch demo

Let one of our Cloud Architects show you our platform.

Watch demo
×
Safespring Linkedin Safespring X Safespring GitHub Safespring YouTube Safespring Facebook

Choose language

English flag Svenska flag Norsk (Bokmål) flag Dansk flag

© Safespring AB (559075-0245) 2017-2026