How the US fuelled the European cloud industry
On June 7, The Guardian published a story on PRISM, a surveillance program launched by the U.S. Government’s National Security Agency (NSA). PRISM is in essence a system that allows NSA to extract communication of an individual without a court order, in the interest of US national security. Similar stories have appeared in the past with, for instance, ECHELON but this time there was a twist. Telecom operator Verizon and several large US tech companies were said to be directly affiliated with the program. This list of participating companies included Microsoft, Yahoo, Google, Facebook, Skype and most recently Apple – all Internet services people and companies use every day.
At first this shocked many people in the US who did not at all like that the government could access private communication outside the court system. It was then pointed out that Americans could rest assured that surveillance was primarily aimed at non-US citizens. This remark may calm some, but non-US consumers and enterprises using US-based cloud services still have reason to worry., Incidentally, this also holds a great opportunity for European companies competing for the same users.
Over the past 10 years, North America have become the de-facto home of cloud services such as Amazon and the companies who now stand accused of letting NSA tap into their users’ data. The pressing question is what PRISM means for trust in the US cloud business. Are emails, instant messages and files safe from the eyes of third parties when stored within reach for NSA? Many European cloud service providers have had difficulties competing with their US counterparts due to smaller scale, a difficult-to-reach internal market and often no apparent advantages. Since PRISM surfaced, being a trusted European brand may by itself prove a strong selling point.
The European Commission responded to the PRISM affair with great worry, in particular as the EU-US data protection agreement is under negotiation and a EU data protection law is being drafted. Until that debate is settled, European enterprises may want to be safe rather than sorry and make sure all their data is stored in Europe out of reach for the NSA and other agencies. If so, European cloud service providers have a strong selling point: wiretapping-free services and storage.
Over night, data privacy moved high up on the strategic agenda for people in general and CIOs in particular. European tech companies can thank NSA for providing them with a competitive advantage they could not have invented themselves. It is also a reminder of the first-century question of who will guard the guards themselves. All philosophical aspects aside, European cloud providers should make the most of this opportunity to position. Hopefully, EU guards prove less curious than those in the US.