ServerBase Blog

CLOUD Act – are we sitting in the glasshouse, too?

Von Pascal Rebsamen
Tuesday, 12. February 2019

With the signing of the Cloud Act by US President Trump last spring, the world of data storage and retrieval seems to be reorganizing. But what exactly does the CLOUD Act mean and what are the advantages and disadvantages of this agreement for Switzerland or each one of us?

What exactly is it?

The Clarifying Lawful Overseas Use of Data Act, CLOUD Act, is designed to allow US authorities to collect information from users of American Internet companies or IT service providers, even if not stored in the United States, but overseas, for example in Switzerland , This law was created because of the often very powerless US authorities in the non-American area. Here, the data release was often denied, as a legal basis was missing outside the US. Now the US security agencies are trying to back it up with a legal back door – the introduction of the CLOUD Act.

However, this new regulation does not automatically apply worldwide. A bilateral treaty must be concluded between the US and the respective country. This contract facilitates data querying on both sides. In short, you sit as a user in the glasshouse. And often does not even know about it.

Secure server location Switzerland?

For Switzerland such an agreement would be exciting. It would create a legal basis on which Swiss authorities would ensure access to American companies such as Google or Twitter. A data query would be easy. In return, of course, the US wants to see and use their part or, in other words, highly sensitive data from cloud providers based here.

However, much more needs to be clarified in such an agreement. For example, as of when a ‘US reference’ exists, which commits to the exchange of data. Clara-Ann Gordon, a specialist in technology and data protection law, said at the end of last year that a conflict with the Swiss legal system had to be avoided. Our law expressly punishes carrying out acts on Swiss territory without authorization for a foreign state. In addition, even a lawyer can not guarantee that various Swiss companies have no US connection. So there is still a lot to clarify.

But not only here it gets tricky. Due to their attractiveness, the Swiss data centers are particularly explosive, especially with foreign companies. The high standard and the entrepreneur-friendly data protection rules are especially popular with banks and insurance companies from home and abroad. The CLOUD Act also carries an economic risk here.

Microsoft Azure focuses on transparency for the user and against CLOUD Act

Microsoft’s own cloud platform Azure now focuses on more transparency and privacy for its users. With specifically defined six principles Microsoft even wants to limit the accessibility of US companies and argues that each provider should independently control the data of its users and not be controlled. While z.b. With its platform AWS and others to say little about it and with euphemistic phrases in the bright light, Microsoft is trying to set new standards with its principles.

Is our data secure?

After GDPR and now also the entry into force of the CLOUD Act in the US, we are increasingly under the microscope, are screened and have the feeling of sitting with the US authorities at the breakfast table, whether we have something to hide or not. How much information is now flowing overseas depends a lot on Switzerland’s negotiating skills and on the extent to which national law is superior to international law.

This also determines how we have to deal with sensitive data in the future. Until a bilateral contract is concluded – if it exists at all – ServerBase, including all data centers, will be governed exclusively by Swiss law and, as a result, highest data security. And if a bilateral agreement is to be concluded in the future, the data source will be restricted to ‘US-related’ data. Although this relationship is very broad, it is unlikely to affect the majority of our customers. In any case, ServerBase advocates that all customer systems are protected as far as possible from legal interference and remain independent of any legal changes.

« Back to the Blog

ServerBase Produkt-AssistentProduct Assistant
ServerBase Product Assistant

Product Assistant

Our product assistant helps you to find the right products.

In-house IT know-how

Do you have in-house IT personnel or know-how?

Server or services

Would you like to buy entire servers or just specific services?

Availability or price

Is high availability or a low price more important to you?

Number of servers

We can only achieve high availability with virtual servers. How many VMs do you want to operate?

We found something for you!


Cluster VPS

Cluster VPS are virtual servers with extremely high availability, which continue to run without interruption even if our server hardware fails.

Shared or dedicated hardware

Do your VMs need to be separated from other customers only logically (IaaS) or even physically (dedicated Private Cloud)?

We found something for you!


Virtual Datacenter

Virtual Datacenter (VDC) is the flexible and completely autonomously manageable IaaS solution from ServerBase.

We found something for you!


Private Cloud

Our highly available Private Cloud offers simple, web-based management with the flexibility and security of an on-premises environment.

Server type

Do you prefer dedicated bare metal servers or virtual servers?

We found something for you!


Dedicated server

Rent dedicated physical server hardware that is entirely dedicated to you and completely free to manage.

We found something for you!


Standard VPS

Cost-effective servers for standard applications without special requirements with SSD or HDD storage.

We found something for you!


Which service are you looking for?

Full outsourcing

Would you like to outsource your complete IT and have it managed by us?

We found something for you!


My Workplace 2.0

With My Workplace 2.0, you store all your data and applications in our secure Swiss data centers and access them from anywhere.

We found something for you!


What would you like to outsource?