Google has announced a new set of tools for Google Workspace it says will provide new “digital sovereignty” capabilities for public and private organizations in the EU.
Digital sovereignty refers to the idea that data is subject to the laws and governance of the nation it is collected in.
The update comes as the data usage of a cloud computing market largely dominated by US providers continues to attract regulatory oversight from EU lawmakers.
What do the tools offer?
Google says the new tools, called Sovereign Controls for Google Workspace, will allow organizations to control, limit, and monitor transfers of data to and from the EU.
Google says the tools for its online collaboration software will build on its existing Client-side encryption, Data regions, and Access Controls capabilities.
Google said Workspace’s client-side encryption will help give customers control over their data via encryption keys they can hold either on-site, within a nation’s borders, or within “any other boundary”.
Google claims it never has access to the keys or key holders, that the data is indecipherable to it, that it has no technical ability to access it, and that the encryption also enables tools such as online co-authoring.
Organizations can choose to provide Client-side encryption to all their users, or create rules that apply to specific users, organizational units, or shared drives according to Google.
Client-side encryption is now generally available for Google Drive, Docs, Sheets, and Slides, and Google says it has plans to extend the functionality to Gmail, Google Calendar, and Meet by the end of 2022.
Google also said the updates will enhance the ability of its customers to control the storage location of their data when at-rest, via expanded coverage of in-region data storage and processing, which will be accompanied by an in-country copy of the data.
Google also announced it is set to add new access controls, which it says will enable customers to restrict and or approve Google support access via Access Approvals.
These Access Approval tools will limit customer support to EU-based support staff via access management as well as enable support from Google Engineering staff with remote-in virtual desktop infrastructure.
In addition, Google said users will be able to generate log reports on data access and actions through its Access Transparency tool, which is already in general availability.