In application of the Law on safeguarding and regulating cyberspace (“Loi SREN”), today Arcep is publishing a Recommendation on the interoperability and portability of cloud computing services, along with the responses to the public consultation that was held this summer.
Making it easier for business customers to switch cloud service providers, strengthening transparency on portability and interoperability, and making APIs more stable
The Recommendation adopted by Arcep, which takes service providers’ contributions to the public consultation into account, defines a set of best practices:
- for transparency, based on the codes of conduct drafted by the ecosystem;
- for API stability, through an advance notice period in the case of updates without backwards compatibility;
- for API description and documentation, thanks to the adoption of the OpenAPI specification, or equivalent specifications.
What comes next:
- Capping egress fees and cloud provider switching charges
Following a public consultation held in 2024 and pursuant to the SREN Act, Arcep submitted a proposal to the Government on the maximum egress (i.e. data transfer) fees that could be charged to users when switching their cloud service provider, proposing to set this amount at €0. It emerged from the Authority’s analysis that, when switching providers, the incremental cost of transferring data under standard conditions – i.e. by using existing infrastructure, while complying with deadline conditions and the clauses contained in the Data Act – can be considered to be nil. Work continues to be done on establishing draft guidelines on the costs that are likely to be taken into account when determining, first, cloud provider switching charges other than those tied to data transfer and, second, egress fees in the case of multicloud solutions.
- Implementation of cloud computing regulation across the EU, via the Data Act
Entered into application on 12 September, the Data Act regulates cloud computing contracts, notably in terms of transparency. It also contains portability and interoperability obligations for cloud computing services. The European Commission can render standards mandatory for certain types of service.