How the NSA leaks could affect the US cloud computing industry

Experts say that leaks about the NSA surveillance program could hurt US cloud companies as their customers worry about data security.

|
Pawel Kopczynski/ Reuters/ File
A projection of text on the face of a woman in Berlin, June 12, 2013. NSA leaks have fueled conversations about the security of US-based cloud computing companies.

News of the National Security Agency's data collection and surveillance programs made public ongoing privacy debates in the Foreign Intelligence Surveillance Court, inciting a backlash against the US government both domestically and internationally. 

Concerns about who has access to troves of online data extends from foreign negotiations to business deals: If the FISA court can issue a "national security letter" to gain access to US-based Internet companies’ servers, any foreign company’s data stored on these servers could be accessed by the US government.

A recent report from the Information Technology and Innovation Foundation estimates that the United States’ multibillion-dollar US cloud computing industry stands to lose anywhere from $22 to $35 billion over the next three years because of the NSA revelations.

“If European cloud customers cannot trust the United States government, then maybe they won’t trust US cloud providers either,” said European Commissioner for Digital Affairs Neelie Kroes in an interview with the Guardian in July. “If I am right, there are multibillion-euro consequences for American companies. If I were an American cloud provider, I would be quite frustrated with my government right now."

Industry shifts since the NSA leaks in early June support Mr. Kroes’ argument. Amazon Web Services, widely acknowledged as the global market leader in cloud storage, cut some of its prices by 80 percent in July to remain competitive. The writing on the walls seems clear: The NSA leaks will hurt US cloud companies. But to peg an industry shift to June 2013 would overlook a larger trend that has been taking place in the industry since 2001.

“Enterprises were worried about government snooping well before the NSA leaks,” writes Camille Mendler, principle analyst with the Informa group in an e-mail to the Monitor. “The US government gets most [of the] attention because of the implied powers of the Patriot Act, let alone issues around NSA [and] Prism.”

The concept of cloud computing, or storing massive amounts of data in computers, dates back to the 1950s, though the feasibility of maintaining servers with vast amounts of information did not really take off until the early 2000s with the spread of the Internet. In 2006, Amazon Web Services was one of the first companies to offer large amounts of cloud storage to clients. Within several years, the industry had taken off. Data was increasingly stored in electronic clouds, rather than company hard drives.  

In 2011, Germany’s Deutsche Telekom and other telecommunications companies began promoting cloud-computing offerings as a way for businesses to “outsource their data centers,” according to a Bloomberg article from the time. 

Having all corporate data under the stewardship of US companies would not really be “good for the future of the European people,” said Jean-Francois Audenard, the cloud security advisor to France Telecom, in January 2012. It is “extremely important to have the governments of Europe take care of this issue."

Before details of the Prism program were known, rivals of large US cloud computing companies could only point to the possibility of government surveillance, rather than concrete incidences of the US government accessing user data from Internet providers. The Prism programs confirmed suspicions that data in US servers could be accessed by the US government without a client’s knowledge via US-based Internet servers.

“Whoever fears their communication is being intercepted in any way should use services that don’t go through American servers,” and should stop using American companies such as Google and Facebook, said German Interior Minister Hans-Peter Fredrich in July.

And according to the Information Technology and Innovation Foundation, any market edge within the rapidly growing cloud industry, such as the promise of server security away from the US government’s data collection program, could be a game changer for young cloud companies. 

However, some in the cloud computing industry think that the NSA leaks could signal a shift away from large companies with data storage offerings, such Google, Yahoo, and IBM, commonly referred to as “public” companies, compared to less consumer-driven “private” data storage companies.

If you use one of these data storage companies, even a foreign data firm, “you should have the expectation that data ... is being fed to government agencies,” says Charles Weaver, chief executive officer of MSP Alliance, an international group of cloud and data service providers that advises small software and data storage companies.

This month, President Obama hosted Apple chief executive officer Tim Cook, AT&T CEO Randall Stephenson, and Google computer scientist Vint Cerf to discuss government surveillance. It is this kind of close relationship between large Internet companies and the government that Mr. Weaver finds concerning and says does not exist between smaller data companies and federal governments.

Mr. Weaver says that it is harder to get information from a smaller cloud storage company. Seizure of this data will be noticed, he says. It’s the same thing as with small e-mail service providers such as Edward Snowden’s provider Lavabit. It shut down rather than surrender consumer data. But, Google isn’t about to shut down because of a data request, says Weaver.

Earlier this month, Google announced the company’s intentions to encrypt all data on its cloud platform, typically used by businesses, rather than individuals. Google, however, will still have access to the encryption codes, making arguably them just as susceptible to be requested by national security letters.

You've read  of  free articles. Subscribe to continue.
Real news can be honest, hopeful, credible, constructive.
What is the Monitor difference? Tackling the tough headlines – with humanity. Listening to sources – with respect. Seeing the story that others are missing by reporting what so often gets overlooked: the values that connect us. That’s Monitor reporting – news that changes how you see the world.

Dear Reader,

About a year ago, I happened upon this statement about the Monitor in the Harvard Business Review – under the charming heading of “do things that don’t interest you”:

“Many things that end up” being meaningful, writes social scientist Joseph Grenny, “have come from conference workshops, articles, or online videos that began as a chore and ended with an insight. My work in Kenya, for example, was heavily influenced by a Christian Science Monitor article I had forced myself to read 10 years earlier. Sometimes, we call things ‘boring’ simply because they lie outside the box we are currently in.”

If you were to come up with a punchline to a joke about the Monitor, that would probably be it. We’re seen as being global, fair, insightful, and perhaps a bit too earnest. We’re the bran muffin of journalism.

But you know what? We change lives. And I’m going to argue that we change lives precisely because we force open that too-small box that most human beings think they live in.

The Monitor is a peculiar little publication that’s hard for the world to figure out. We’re run by a church, but we’re not only for church members and we’re not about converting people. We’re known as being fair even as the world becomes as polarized as at any time since the newspaper’s founding in 1908.

We have a mission beyond circulation, we want to bridge divides. We’re about kicking down the door of thought everywhere and saying, “You are bigger and more capable than you realize. And we can prove it.”

If you’re looking for bran muffin journalism, you can subscribe to the Monitor for $15. You’ll get the Monitor Weekly magazine, the Monitor Daily email, and unlimited access to CSMonitor.com.

QR Code to How the NSA leaks could affect the US cloud computing industry
Read this article in
https://www.csmonitor.com/Technology/2013/0826/How-the-NSA-leaks-could-affect-the-US-cloud-computing-industry
QR Code to Subscription page
Start your subscription today
https://www.csmonitor.com/subscribe