The key enabler here is IAM and data (at rest and moving).
If we want to encourage free markets, the GDPR et al. need to be very careful to disincentivize "traffic within different parts of the same entity."
As is, if my regulatory compliance is satisfied through AWS's data and IAM handling, then if an Amazon-hosted service better integrates with those components, it strictly dominates competition.
That's a pretty unregulatable quality, and one easily optimized by Amazon (for itself), and impossibly by everyone else (on Amazon).
This weaponizes data protection regulation into a moat around large everything-and-the-kitchen-sink I/PaaS providers.
There needs to be balance between (a) protecting data & (b) ensuring a competitive ecosystem with multiple viable solutions.
If we want to encourage free markets, the GDPR et al. need to be very careful to disincentivize "traffic within different parts of the same entity."
As is, if my regulatory compliance is satisfied through AWS's data and IAM handling, then if an Amazon-hosted service better integrates with those components, it strictly dominates competition.
That's a pretty unregulatable quality, and one easily optimized by Amazon (for itself), and impossibly by everyone else (on Amazon).
This weaponizes data protection regulation into a moat around large everything-and-the-kitchen-sink I/PaaS providers.
There needs to be balance between (a) protecting data & (b) ensuring a competitive ecosystem with multiple viable solutions.