Google has announced a new set of tools for Google Workspace which it says will provide new “digital sovereignty” capabilities to public and private organizations across the EU.
Digital sovereignty refers to the idea that data is subject to the laws and governance of the nation in which it is collected.
The update comes as the use of data from a cloud computing market largely dominated by US vendors continues to draw regulatory scrutiny from EU lawmakers.
Google says the new tools, called Sovereign Controls for Google Workspace, will allow organizations to control, limit and monitor data transfers to and from the EU.
Google says its online collaboration software tools will build on its existing client-side encryption, data regions and access control capabilities.
Google said Workspace’s client-side encryption will help give customers control of their data via encryption keys they can hold either on-premises, within a country’s borders, or in “any other frontier”.
Google claims that it never has access to the keys or keyholders, that the data is indecipherable to it, that it has no technical ability to access it, and that encryption also enables tools such as co- online creation.
Organizations can choose to provide client-side encryption to all of their users or create rules that apply to specific users, organizational units, or shared drives according to Google.
Client-side encryption is now generally available for Google Drive, Docs, Sheets, and Slides, and Google says it plans to expand the feature to Gmail, Google Calendar, and Meet by the end of 2022.
Google also said the updates will improve its customers’ ability to control where their data is stored while it’s at rest, through expanded coverage of data storage and processing in the region, which will come with a copy of the data in the country. .
Google also announced that it is set to add new access controls, which it says will allow customers to restrict and/or approve access to Google Support via App Approvals. access.
These access approval tools will limit customer support to EU-based support personnel through access management and enable support from Google engineering personnel with a remote virtual desktop infrastructure.
Additionally, Google said users will be able to generate data access and action log reports through its Access Transparency tool, which is already generally available.
When will we see the rollout?
The update is expected to roll out towards the end of 2022, with additional features shipping throughout 2023.
Google Cloud will also continue to provide customers with legal mechanisms for international data transfer, which will include making available the protections offered by the new EU data transfer framework once it is implemented.
“We remain committed to equipping our customers in Europe and around the world with powerful technical solutions that help them adapt and stay on top of a rapidly changing regulatory landscape,” a Google spokesperson said. “We designed and built Google Workspace to operate on a secure foundation, providing features to keep our users safe, their data secure, and their information private.”
“Digital sovereignty is at the heart of our ongoing mission in Europe and beyond, and a guiding principle that customers can rely on today and in the future.”