“Meestal is het contractueel dan wel juridisch niet zomaar toegestaan om het contract vroegtijdig te beëindigen”, vervolgt De Vries. Volgens de Chief Information Security Officer (CISO) maakt de TU/e gebruik van diverse leveranciers uit de VS voor de ICT. “Klanten uit Europa zoals wij zijn een zeer belangrijke inkomstenbron voor deze leveranciers en daarmee voor de Amerikaanse economie, wat het scenario van afsluiten van de dienstverlening zeer onwaarschijnlijk maakt."

“Usually, it’s not possible to simply terminate a contract prematurely, due to contractual or legal stipulations,” De Vries continues. According to the Chief Information Security Officer (CISO), TU/e uses various US suppliers for ICT. “Customers from Europe, like us, are a very important source of income for these suppliers and, by extension, for the American economy as a whole, which makes the scenario of the service being shut down very unlikely.”

That’s not to say, however, that concerns aren’t growing. “That is why we’re following developments closely, including the pilots at SURF and other universities.” But there are no plans or roadmaps for a transition to a European alternative.

Plan of action

Danny Mekić thinks that people at TU/e don’t need to worry about the accessibility of their data just yet. “But what’s happening in the US is worrying,” says the PhD candidate. “That’s why it’s important for the university to have a plan in place in case swift action is needed.”

Mekić is conducting research into human dignity in relation to digital technologies. He also became known for his lawsuit against X, formerly known as Twitter, because he wants access to his personal data and the social platform doesn’t want to grant this to him unless he signs a non-disclosure agreement.

Ally

Mekić thinks a lot is potentially at stake for TU/e employees: “Such as research results and patents – both the ones granted and under development – but I’m also thinking about student data and personnel data, for example. We store more important data than we think.” Incidentally, TU/e makes its own backups of all Microsoft 365 data.

According to the PhD candidate, the US has long been a loyal ally in which we have placed a great deal of trust. The question is how this relationship will develop in the future. He already sees clear examples of changing behavior. “Take the questionnaire that Wageningen University & Research received, for example. In the Netherlands, the advice was not to complete it. But what if the US says: ‘If you don’t fill in that questionnaire, we’ll analyze your research results ourselves to see if we consider them desirable in the context of a visa application?’

This is something that was inconceivable in the past, but no longer is. We can’t take these kinds of things for granted anymore. We really need to have a conversation about what values are important to the Netherlands and how we’re going to solve any potential problems.”

Other options

Mekić has also thought about solutions. “If you want to be able to access your data as a country, you’ll have to store it in a physical location without foreign interference.”

The Chief Information Security Officer of TU/e also sees fallback options and alternatives. There are local backups, for example, and the aim is to use multiple packages for similar applications, if at all possible. “Areas where TU/e is dependent on a single supplier have always had our attention,” says De Vries.

There are staff and students who have their own servers to keep their data under their own management. According to De Vries, this is undesirable in terms of collective security. “Fully meeting all the requirements in the areas of security, privacy, and the like is complicated and costly for an individual researcher or research group and therefore undesirable,” he says.

A European cloud alternative

GaiaX is an example of an existing European cloud initiative whose further development is ongoing. A consortium of Utrecht University, Delft University of Technology, the University of Amsterdam, Erasmus University, and Tilburg University is also working on alternatives. TU/e isn’t involved, but does indicate it’s following the matter with great interest.