Two recent examples of international suspicion of U.S. cloud computing providers
December 11, 2012 Comments Off on Two recent examples of international suspicion of U.S. cloud computing providers
I’m fortunate to attend and speak at many cloud computing and Big Data events all around the world. I also work with large global corporations and governments to help design and deploy these types of environments. I really enjoy getting to meet such a diverse array of people.
Whenever I give a talk about the potential for cloud computing, I notice – without fail – one common thread among all of these audiences: vast misgivings about cloud computing solutions provided by American corporations. The perception is that the U.S. government will – as a matter of course – intercept, amass, and analyze all transactions, stored information, and network traffic for these cloud environments. Even if routine analysis isn’t being performed, these audiences figure that it only takes a phone call from a U.S. government representative for these cloud providers to “open the kimono”, without telling the customer of course. We’ve already seen examples of these back doors – consider how AT&T opened their network to comprehensive and clandestine monitoring by the NSA.
The people who share these concerns with me aren’t drug kingpins, terrorists, or Washington lobbyists. They’re executives and technology leaders at very reputable global powerhouses that are operating under strict fiduciary and regulatory guidelines. I know for a fact that these reservations – particularly of the PATRIOT Act – are costing American businesses money.
Many people have told me that they go out of their way to store their data in non-U.S. cloud providers, and that they don’t even trust an American cloud provider that’s storing data in Europe or Asia.
Two stories in the news recently highlight the international resistance to American-based cloud computing vendors. In the first case, the British government barred Amazon and Google from participating in the UK’s G-Cloud platform initiative. Service features, enterprise-readiness, and other factors appear to be behind this decision, but a major concern also appears to be
Many of these cloud services store initial data in Europe but then back it up to somewhere where the laws are different and you can’t do that
Coincidentally, a couple of days later we learned of a report that indicates that
U.S. legal state of affairs implies that the transition towards the cloud has important negative consequences for the possibility to manage information confidentiality, information security and the privacy of European end users in relation to foreign governments
At first glance, all of this may be perceived as simply an issue between the American government and the rest of the world. But dig a little deeper and you’ll soon realize that any government has the potential to snoop on information stored within or passing through its borders, or maintained by a firm under its jurisdiction.
Doubt me? How do you feel about hosting your most sensitive data on third party servers based in Shanghai? This problem will only become more prominent in coming years, as more applications and related data move to the cloud, and globalized technology providers try to meet this demand.
What’s the solution? That’s a topic for another time.