Swedish legislation

Swedish and European law provide better protection than, for example, US legislation.

When you store data on a server in the cloud, the law of the country where the parent company is registered applies. This means that several large cloud services are subject to US law.

If you are based in Sweden and sign a cloud storage agreement with a (subsidiary) company in Ireland or Sweden, it does not matter whether the parent company is American. In that case, it is US legislation that applies to your content on the server.

US law differs from European and Swedish law

At the same time as discussions in Europe were at their most intense about the GDPR, the CLOUD Act became part of US law. The CLOUD Act requires a “provider of an electronic communications service or remote computing service that is publicly traded in the United States to preserve, back up, or, if necessary, disclose the contents of a cloud service that relates to a customer or subscriber within its provision, custody, or control, regardless of whether such communications, records, or other information are located within or outside the United States”.

This may be worth considering for anyone storing sensitive information in the cloud.

Don’t confuse the GDPR with the CLOUD Act and FISA 702

Despite a generally high level of awareness in Sweden, few Swedish companies are aware that their business-critical information is exposed to foreign law if it is stored on foreign cloud services. What even fewer know is that US national legislation cannot be waived when civil law agreements are signed with the companies.

To comply with the GDPR, US cloud services have been forced to offer EU storage to Swedish companies. What many companies fail to realize is that business-critical information is at risk of being exposed to foreign authorities, even though the actual storage of data takes place in server halls within the EU.

In other words, the US authorities have the right to demand access to your data if you store it on a server owned by a US company.

Synkzone is a Swedish company. Our servers are located in Sweden.

The encryption technologies we use make your information and data as technically secure as possible today. But if at the same time there are laws – like the CLOUD Act – that override our technical solutions and the provider must be able to access your data if the authorities want to take part of it, the technical security is not worth anything.

You are still not in full control of your data.

That’s why it’s so important where your cloud service provider has its parent company and where the servers are physically located.

As Synkzone is a Swedish company with servers in Sweden, it is not subject to the CLOUD Act. No government agency – or anyone else – can access your information on the server.

With Synkzone you have full control over your data.