On 15 January 2025, the Netherlands Court of Audit published The State in the Cloud report. The report drew a clear conclusion: the Dutch government has been making insufficiently considered use of American cloud services. Alarmingly, two-thirds of these services lack a thorough risk assessment, creating potential threats to the safety of citizens and businesses. Over half of the cloud services used are provided by tech giants such as Amazon, Microsoft, and Google. The Court of Audit calls for better collaboration and a more careful evaluation of risks and alternatives.
Privacy Risks for Bodycams
One major concern is protecting sensitive data, including video footage captured by body cams. The U.S. CLOUD Act requires American technology companies to grant access to their data to U.S. authorities regardless of where it is stored. This conflict directly with the European Union’s General Data Protection Regulation (GDPR), which was specifically designed to protect privacy.
Bodycam footage often contains highly sensitive content, such as recordings of criminal activity or private situations involving citizens. While Microsoft disclosed data access twelve times between 2018 and 2022 – none involving EU citizens – there was one global case in 2024 where data was shared with an entity outside the European Union. This underscores the significant risk of unintended access to sensitive information.
Global Data Laws and Their Threats
This problem is not limited to the United States. Countries like China, India, and Australia have implemented laws that may compel access to data stored beyond their borders. For instance, China’s Data Security Law (DSL) mandates access to data worldwide if deemed relevant for national interests.
This highlights the importance of understanding cloud providers’ jurisdiction and regulatory frameworks. Choosing foreign cloud services can expose organisations to coercion and compromise, putting private or operationally critical data at risk and having far-reaching consequences for privacy and security.
Stricter Cloud Policies Are Essential
The Court of Audit has strongly recommended stricter policies focusing on using European or hybrid cloud solutions. Organisations and governments must look beyond cost and functionality when selecting cloud providers. Legal and strategic considerations must take precedence, especially regarding critical data like bodycam footage.
Making informed decisions about data storage locations and implementing stricter contractual agreements can significantly reduce the risks of unauthorised access to crucial data.
ZEPCAM’s Solutions for Navigating Data Challenges
ZEPCAM has long cautioned against the risks of foreign access laws and non-European data storage. That’s why it remains an entirely European player, offering the choice to store bodycam footage solely with trusted European cloud providers. This ensures GDPR compliance, data sovereignty, and security within EU jurisdiction—or in a specific country, per local regulations.
With flexible solutions that can be configured to comply with all local and global laws, ZEPCAM enables organisations to navigate complex data regulations while maintaining complete control. Its trusted, future-proof approach prioritises privacy, security, and operational control, meeting the highest standards in law enforcement and other critical fields.
Want to learn more about ZEPCAM’s professional bodycam solutions and data sovereignty? Contact us today.
