My brother, Nelson Nones, has lived and worked outside the United States for years. From his vantage point “outside looking in,” I find that his perspectives on U.S. socio-political developments are often somewhat different from the conventional thinking here at home.
This was clearly evident when the news broke In early June about the National Security Agency (NSA) surveillance of e-mail and other digital content. Within just a couple days, Nelson had penned a thought piece on the implications of these revelations on the cloud computing industry.
In his view, the NSA revelations are likely to have numerous serious implications. As he states in his analysis:
“… these threats will be perceived to be so serious that many businesses could decide to abandon the use of cloud computing services going forward — or refuse to consider cloud computing at all — because they bear full responsibility for compliance yet now realize that they have little or no ability to control the attendant non-compliance risks when utilizing major cloud services providers.
In view of recent revelations, the tantalizing cost savings and efficiencies from cloud computing may be overwhelmed by the financial, business continuity and reputational risks.”
You can read Nelson’s full article on his company’s website, Geoprise Technologies Corporation.
I wondered how long it would take for these views to gain traction here in the United States.
It didn’t take long at all. In fact, the Information Technology & Innovation Foundation, a Washington, DC-based think tank focusing on technology policies, released a report a few days ago in which it projects the U.S. cloud computing industry to forfeit between $22 billion and $35 billion in lost business as a result of the revelations about the NSA’s electronic surveillance programs.
That represents between 10% and 20% of a cloud computing market that is expected to be a $207 billion industry by 2016 – revenues which are likely to be sucked up by European and Asian companies instead.
The ITIF report warns that the NSA’s surveillance programs “will likely have an immediate and lasting impact on the competitiveness of the U.S. cloud computing industry if foreign customers decide the risks of storing data with a U.S. company outweighs the benefit.”
The implications are huge because up until now, the United States has been the acknowledged leader in cloud computing usage and innovation, even as other countries have tried to play catch-up.
The ITIF report has garnered the attention of the business press — big time. The Guardian has published a story as has the Financial Times. The story has leached into general news and opinion sites as well, such as The Daily Kos — and others are sure to follow suit.
All of this is a pretty major deal because the cloud computing industry represents one of the fastest growing sectors of the digital communications market. Global spending on cloud computing is anticipated to grow by 100% between 2012 and 2016.
That compares to growth of only about 3% for the global IT market as a whole.
And in case people are thinking that the ITIF report might be unduly alarmist … it appears that the giant sucking sound of cloud computing business going elsewhere has already begun to happen.
Some U.S. tech companies are reporting that they’ve already lost customers, as concerns mount over the NSA’s PRISM program that lets the federal government tap into user information and e-mails held by Internet companies.
The Cloud Security Alliance, a coalition of industry practitioners, corporations, associations and other key stakeholders whose mission is to promote the use of best practices in providing security assurance within cloud computing field, conducted a survey in June and July of companies located outside the U.S. That survey found that ~56% of the responding companies are now less likely to use a U.S.-based cloud computing service, thanks to the NSA’s spying program.
One out of ten respondents reported that they have already canceled contracts with U.S. companies. And that’s only within the past few weeks.
Meanwhile, non-U.S. players in the cloud computing market must surely be laughing all the way to the bank. For example, Artmotion, the largest hosting company in Switzerland, reported a ~45% increase in revenue within just the first month after Edward Snowden’s release of details about the PRISM program.
To be sure, Europeans are wasting no time weighing in on the messy situation the American cloud computing industry suddenly faces. Neelie Kroes, European Commissioner for Digital Affairs, had this to say:
“If European cloud customers cannot trust the United States government, then maybe they won’t trust U.S. cloud providers either. If I am right, there are multibillion-euro consequences for American companies. If I were an American cloud provider, I would be quite frustrated with my government right now.”
Germany’s Interior Minister Hans-Peter Friedrich was even more blunt:
“Whoever fears their communication is being monitored in any way should use services that don’t go through American servers.”
What are the companies that fear their communications are being monitored, as Mr. Friedrich posits? Pretty much all of the bigger ones, I’d think.
OK, U.S. government and administration officials: Have fun unscrambling this egg!
Nones Notes 
One of the best-written pieces I’ve seen on this topic!
Wow, that’s a very pointed admonition from the German Interior Minister that should be weighed by the misguided subset of conservatives that is both pro-business and pro-surveillance state.
Unfortunately, as we contemplate the liberty-for-security bargain we’re being offered by our government, our human brains are wired to make a terrible miscalculation:
–>”This is Your Brain on Terrorism” http://libertymcg.com/2013/07/23/this-is-your-brain-on-terrorism/
The article Phil quotes in this post, and its predecessor (“Forecast for Asia: Partly Cloudy Computing, Chance of Mainstream Adoption,” August 2012; available at http://www.geoprise.com/Asia%20Cloud%20Computing_20120827.pdf), both have strong data security themes which were inspired by numerous discussions I’ve had over the past 5 years with C-level executives at medium-to-large companies in Australia, China, Malaysia, Singapore and Thailand. It was clear from the outset that Asian executives were much more concerned about data security in the cloud than their American counterparts.
In fact, many of the Americans simply did not understand what I was talking about when I attempted to describe what the Asians were telling me.
The underlying reason for Asians’ concerns isn’t the threat of U.S. surveillance; it’s the risk of revealing sensitive data to their own governments – specifically, the tax authorities. The great majority of Asian executives, it seems, insist on keeping absolute control over their data in order to obscure the degree of transparency that Americans naïvely took for granted until now, and which undoubtedly fueled the cloud computing industry’s rapid growth in recent years.
Now that the true risks of revealing sensitive data to the U.S. government have been revealed, it’s clear that businesses of all nationalities are proceeding with much greater caution, to the detriment of both U.S. and non-U.S. cloud providers.
Since the early 1990s when I began to take a hard look at privacy issues, many of my choices have been made based on privacy concerns. Recent revelations have caused that list to grow.
I’ve always been alarmed by my friends who say, “If you have nothing to hide . . .” I usually follow that up with, “Can I come over any time I want and fish your checkbook out of your sock drawer and look through it?”
The federally mandated black boxes that are being built into our automobiles track speed, seatbelt use, etc. They must be included in every new car sold as of September 2014. Supposedly, the owner of the vehicle has to give permission for the release of the data stored about their driving behavior. This is all done in the name of “vehicle safety.”
I have really come to rely on privacy advocacy groups to be the “canaries in the coal mine” here in the U.S. But too many young people have blind trust in our government (present administration included) and have no expectation of privacy. They settle, instead, for the “illusion” of anonymity. Fortunately, the Electronic Frontier Foundation (https://www.eff.org/) has been able to get the attention of some of them.
[…] blogged before about the fallout of the Edward Snowden affair on the U.S. cloud computing […]