The Dutch government is to "basically [...] exclude" U.S. cloud providers from government IT contracts amid concerns of the reach of the Patriot Act in Europe.
To prevent sensitive citizen data from being compromised by U.S. authorities, the move to bar U.S. companies from providing cloud-based services and data processing capabilities is only a temporary measure until the European Commission changes the data protection laws.
Discussed by the European Parliament's Privacy Platform earlier this month, the Patriot Act is being investigated by European authorities, after Gordon Frazer, managing director of Microsoft UK, exclusively told ZDNet that the Redmond-based company must comply with Patriot Act requests, and other companies with a U.S. presence must do also.
This contravenes European law, which states that organisations cannot pass on user data to a third-party outside the European zone without the users' permission.
In a written answer to a parliamentary question, Dutch minister Ivo Opstelten asserted that, in response to previous questions (Dutch): "This basically means that companies from the United States in such bids and contracts are excluded."
Opstelten admitted that while the Dutch government is "experimenting with Google Docs and Dropbox", though data is believed to be stored on Dutch territory, it is unknown whether they are managed by U.S. companies.
However, "taking into account the possible consequences of the application of foreign law", the minister said that steps would be taken to prevent U.S. cloud service providers or supplier would be "excluded" from contracts handling government or citizen data.
According to other reports, the government is considering a ban on Microsoft and Google provided cloud offerings, requiring policy to be put forward to determine certain requirements for awarding contracts.
Last month, an article published claimed that the power to search suspects with Patriot Act invoked 'delayed warrants' -- the ability to search without formally making warrants known to the subject, to prevent the loss of vital evidence -- were used in 1,618 drug-related cases, 122 cases for fraud, but only 15 cases relating to terrorism.