Of their rush to vote down burdensome amendments on a invoice regulating consulting firms, Renaissance MPs additionally voted down amendments that fortify its personal cloud safety technique – casting doubt as to its consistency in pushing the scheme ahead.
Within the wake of 2021’s ‘McKinseygate’ controversy, which spotlighted the in depth use of personal consultancy corporations beneath French President Emmanuel Macron’s mandate, French lawmakers in June 2022 tabled a invoice to control the sphere’s involvement in public policymaking and offer protection to delicate public information.
Macron’s govt has since been looking to dilute the invoice – but it would have long past towards its personal pursuits right through Thursday’s vote (1 January).
“This can be a overlooked alternative which finds inconsistency. [These votes] fear me in regards to the implementation of the federal government’s coverage ‘cloud to the centre’,” Anne Le Hénanff (Horizons, Renew), who tabled the amendments, instructed Euractiv.
Offer protection to delicate public information
The invoice regulates how non-public consulting firms and public administrations, together with the state, can have interaction – encompassing IT consulting services and products.
Since 2021, the federal government has been operating on its ‘cloud to the centre’ coverage, which obliges public administrations to retailer all their delicate information on sovereign clouds. French sovereign clouds are outlined as in line with the SecNumCloud certification, delivered by means of cybersecurity company ANSSI.
Taking into consideration that delicate public information transferred to IT consulting firms acting services and products on behalf of public administrations will have to be saved with the similar stage of safety, Le Hénanff tabled a number of amendments “to fill within the gaps”.
She prompt compelling public administrations to test what delicate information they’d take care of to the personal sector earlier than enticing in a binding contract and to power consulting firms to element technical specs of the cloud they use internally.
Moreover, Le Hénanff prompt aligning cloud safety necessities of delicate information dealing with between consulting firms and public management.
Renaissance MPs unanimously voted towards those 3 amendments, resulting in their rejection.
Those votes have been an about-turn from their earlier place, as Renaissance (Renew Europe) MPs were steadfastly supporting the federal government virtual invoice aiming to “protected and control” the virtual sphere on the finish of 2023, together with many provisions on cloud sovereignty.
Renaissance is additionally a part of the ruling majority with Horizons on the Nationwide Meeting, and each events are a part of the similar EU celebration Renew Europe.
No additional administrative burden
The federal government considers this consulting invoice as an strive by means of the opposition, led by means of communist MPs and Senators to curtail its freedom of motion.
Marie Lebec, delegated minister in control of family members with the parliament, defended the federal government’s place on the Nationwide Meeting, pronouncing that growing further burdens on “civil servants’s workload as a way to discourage them to make use of exterior services and products can’t be a ample resolution”.
Following this reasoning, Lebec gave detrimental reviews on numerous amendments, together with Le Hénanff cloud amendments.
Renaissance MPs adopted Lebec’s place and rejected them by means of a public vote.
Consistent with the Financial system Ministry, which ready the federal government place, Le Hénanff amendments would have pressured consulting firms to use the similar necessities as the ones designed for cloud provider suppliers, concluding that this was once inappropriate and burdensome.
A spokesperson of the Financial system Ministry in particular instructed Euractiv that it didn’t need to “compel consulting firms virtual services and products and infrastructure possible choices in keeping with standards of the management”.
Further cloud safety necessities
Two different amendments have been additionally voted down after receiving destructive reviews from Lebec.
Socialist MP Cécile Untermaier prompt empowering information privateness authority CNIL to test if consulting firms enforced the duty to delete public management authority information a month once they concluded their IT services and products.
Consistent with the Financial system Ministry the CNIL already has competency.
Moreover, far-right Nationwide Rally MPs Aurélien Lopez-Liguori and Timothée Houssin tabled amendments to power consulting firms to retailer all administrations information on SecNumCloud-certified clouds.
The Financial system Ministry justified this determination recalling that SecNumCloud certification has been designed to ensure a top stage of safety for delicate information. It subsequently thought to be those amendments disproportionate.
EU cloud safety negotiations
Those votes come at a time when the French place right through negotiations on an EU cloud safety certification scheme is shedding momentum.
The Netherlands have certainly been main the price towards what they believe to be a protectionist transfer in opposition to its nationwide cloud trade.
Subsequent steps
MP and member of the CNIL Philippe Latombe (MoDem, Renew Europe) commented at the scenario on X, pronouncing that he can be cautious of any identical construction at the French invoice to protected and control the virtual house, pronouncing he would pay explicit consideration to well being information.
[Edited by Nathalie Weatherald]
Learn extra with Euractiv
