German security law could lock out U.S. tech companies

U.S. tech companies are worried a German law under debate could bar them from doing business in that country if it is approved.

The bill could require companies to turn over source code and proprietary data to the German government or to private critical infrastructure companies, The Wall Street Journal reported on Sunday.

U.S. companies see the language as a way to exclude them from government contracts, given German fears over the National Surveillance Agency’s (NSA) ability to access U.S. companies’ data.


Although the bill is still in draft form, it is expected to eventually pass.

The measure is the latest in a long string of incidents that have U.S. businesses worrying about lost revenue overseas following the disclosures of NSA spying programs.

In response, several major cloud computing companies have opened up EU data centers to ensure overseas customers can keep their data under the stricter EU data security standards.

Amazon even targeted Germany specifically, so its German customers could ensure total compliance with local laws. Germany is seen as having the most stringent data protection laws in the EU.

On Saturday, Germany’s Günther Oettinger also took over as the European Commissioner for the Digital Economy, replacing Neelie Kroes.

In a series of interviews with German media last week, Oettinger appeared to take a harder line than Kroes on several data security issues.

He floated the idea of a single EU data protection agency, a significant change from the current 28 separate agencies, one for each member state.

The European Commission has been considering a new data protection directive for months. The legislation would strengthen data security laws, but keep an individual data protection agency in each member state.