GitHub will soon allow cloud customers to store their code data in the European Union (EU), part of a growing push in the technology realm to meet regulatory requirements and customer expectations around data protection — particularly where sensitive information might be at play, such as in the public sector or finance and healthcare industries.
Starting from October 29, GitHub says that all enterprise cloud customers will be able to select an EU region to store all their code, with a company spokesperson confirming that it will use Microsoft Azure’s cloud region in Western Europe (Netherlands) and Sweden.
“Recognizing the desire of many of our EU customers for greater control over where their code is stored, we are prioritizing the rollout of this data residency feature in the EU,” the spokesperson said. “Additional regions will follow in the near future.”
The move will likely placate at least some customers wanting to bring their data closer to home, given that data for all GitHub Enterprise Cloud customers today is stored in the U.S. Early adopters of the new data residency program include German manufacturer Zeiss and Volkswagen’s software subsidiary Cariad.
It’s worth noting that GitHub already allows customers to choose where their data is stored as part of its self-hosted enterprise server product; the latest announcement extends this capability to cloud customers, specifically.
While the U.K. isn’t included in this announcement, as it’s no longer part of the EU, U.K. companies will still be able to choose to store their data in the EU as part of this rollout, as will businesses from elsewhere in the world if it makes sense for them to do so.
Digital sovereignty
Europe’s growing digital sovereignty agenda, an effort designed to bolster the bloc’s control over its own infrastructure, technology, data, and cybersecurity, has led many U.S. companies clambering to convince customers across the pond that they’re serious about not only protecting their data, but also putting the data in a place closer to home with greater granular controls attached to it.
Microsoft has been pitching its data localization efforts to Azure customers, while Amazon, Google, and Oracle have been making similar noises. Infrastructure companies aside, the likes of Zoom and TikTok are also moving data closer to their customers in Europe — all in the name of appeasing regulators and users on the ground.
While GitHub’s European data residency endeavors officially go live six weeks from now, the company confirmed that it will be introducing similar support for other regions in the future, including Australia, Asia, and Latin America. However, no time frame has been given as of yet.
“Customer demand for local data residency is increasing around the world, not just in Europe,” GitHub’s chief legal officer, Shelley McKinley, told TechCrunch. “[But] we don’t have specific dates yet; we’re going to be listening and learning from this initial launch to figure out how fast we can do that.”
In effect, the launch is designed to encourage organizations either to transition over from the self-hosted product or sign up for GitHub enterprise cloud completely anew, in the knowledge that they will be able to choose to store company code locally. Indeed, GitHub offers cloud migration tools for those looking to make the move from enterprise server or from rival code-management platforms.
There are several other mooted benefits of storing data locally, including lowering data-transfer latency. The closer a company is to its code, the faster the data transfer (in theory, at least) — and this could prove beneficial for the AI gold rush permeating the world right now, particularly where AI-assisted software development is concerned.
On that note, GitHub launched its AI Copilot product for enterprises earlier this year, a product that’s only fully available through the cloud (a restricted version is available for self-host customers). So it could be argued that GitHub is indirectly using data residency to lure more customers onto its AI product.
McKinley says that its data residency plan has more to do with “customer preference,” rather than any particular regulatory directive. Indeed, the EU doesn’t have blanket data residency rules, though some laws will indirectly influence where organizations choose to store data — particularly the GDPR, which has strong stipulations around cross-border data transfers. The incoming EU AI Act also intersects with all this and includes data governance provisions around certain kinds of AI systems. Ultimately, it’s easier for companies to manage data when they have greater control over where it’s stored.
“It’s really a customer preference issue, wanting to have your crown jewels — your code — stored in-region,” McKinley said. “Also, being able to really take advantage of GitHub Copilot — that’s not really related to data residency, but it’s about being able to take advantage of all the things the cloud brings you.”