Public services in Sweden should not use non-Swedish cloud services to handle confidential information, government lawyers say. Sweden’s national procurement services agree, and are calling on the country’s ICT sector to offer cloud services that can be used safely by the country’s public sector. Meanwhile, the public sector should consider stopping any use of cloud-based office solutions in combination with sensitive information, the lawyers recommend.
A warning not to use non-Swedish cloud services was published last week by the legal expert group of eSam, a government digitalisation organisation that involves 23 central government organisations and the Swedish Association of Local Authorities and Regions. The legal specialists say they cannot rule out a non-Swedish provider of cloud services being forced to breach the confidentiality of the information it holds.
In its warning, eSam calls for the creation of cloud services where sensitive information is safe, including for web-based office services. “This has been investigated by several authorities and the issue is complex and needs to be managed at a national level,” the legal experts warn.
The national procurement services, part of Sweden’s legal, financial and administrative services agency Kammarkollegiet, has begun a preliminary study on a new framework agreement for cloud-based office services. Publication is expected in early February 2019. Interviewed by Sweden’s TV4 television 20 November, ICT procurement specialist Daniel Melin calls on the country’s ICT companies to step up and offer safe alternatives.
“There are hundreds of public authorities. Some of them are excellent but others have neither the time nor the resources to analyse all the requirements, which are often complex,” Mr Melin told TV4. “A service of this kind cannot be dependent on a few suppliers, and for obvious reasons they cannot be foreign. We must find a way for Swedish suppliers to develop services that support the requirements of the Swedish public sector.”