The Dangers Of European Clouds

The Dangers of European Clouds

A recent study by ITIL just predicted that the US cloud industry stands to lose $21.5 – $35 billion over the next few years related to loss of market share due to PRISM. Is the marketing arm of US cloud providers on vacation?

Europeans (including residents of the UK and other parts of the world) have been justifiably outraged by the revelations of Edward Snowden about the US’ data mining of non-citizen information. Maybe. The truth is that most European governments can access their citizens’ data when held in country with far less due process than the US requires. Further, the US press hasn’t bothered to report much about the fact that the GCHQ (Britain’s version of the NSA; its motto: “Keeping our society safe and successful in the Internet age”) has their own version of PRISM: Tempora. With the secret cooperation of BT, Vodafone, Verizon, Global Crossing, Level 3, Viatel and Interoute, GCHQ gets details of telephone calls, emails, FaceBook posts and other online traffic by monitoring undersea fiber-optic cables – the ones that make up an enormous share of the backbone of the Internet.

So, excuse me for laughing at the hyperbole around the dangers of US cloud providers because of PRISM. The proposed solutions from abroad are even worse. Fears of US government surveillance have sprouted such nonsense as a UK-only cloud or legislation restricting EU members from using foreign clouds.

Me thinks there is more behind the proposed isolationism than data privacy. The US absolutely dominates cloud computing. I don’t know why really, but I can make some guesses. One would be the relative strength of the US economy versus Europe in the last ten years when cloud computing has mushroomed. I have another theory that is related to privacy. The reality is that the US has lax privacy laws and the EU has restrictive privacy laws that don’t play well in a cloud environment. It’s normal for the law to lag behind technology, but in this case, the US’ dearth of regulation has allowed the cloud industry to develop relatively unhindered. Europe’s privacy laws from the nineties don’t help.

While both US and European cloud providers serving EU residents need to comply with EU law, in my experience many US providers don’t bother. I blame that on ignorance and arrogance. As many lawyers as we have in the US, cloud providers just don’t think they have to worry too much about legal requirements. And if they stay within our borders and don’t handle financial or health related data, they don’t have much to think about. So, why not allow users from other countries? The US doesn’t regulate transborder data flows.

I’m not advocating for PRISM or Tempora (or the next secret government program that will be revealed). Nor do I believe all privacy laws are useless. But so far, there has been a major disconnect between what cloud users expect, believe and actually get related to privacy – whether their data is in the cavalier US or the tight-lipped EU.

By Cindy Wolf

Cindy Wolf

Cindy Wolf is a Colorado lawyer with more than 25 years experience representing large and small domestic and multinational companies. Her expertise is in helping companies enter the cloud safely, either as providers or users. She also practices in the areas of corporate law and commercial contracting, with an emphasis on international issues. She can be reached at cindy@cindywolf.com.

(*Note - This publication is provided for informational purposes only. It does not constitute legal advice. There is no implicit guarantee that this information is correct, complete, or up to date. This publication is not intended to and does not create an attorney-client relationship between you and the author...)

Latest posts by Cindy Wolf (see all)

5 Responses to The Dangers Of European Clouds

  1. Thanks for the informative post Cindy – I do think it’s striking how little us Europeans seem to know about our domestic surveillance programmes.
    On the overall subject of cloud security, I would also note that public cloud platforms are often going to be safer than on-premises equivalents because the big providers have the resources (both in terms of hardware/software and personnel) to stay ahead of attackers. Of course, these big providers are overwhelmingly US-based.

  2. My apologies, readers. I gave the wrong name for the organization which did the study on the costs of PRISM to the US cloud industry. It is ITIF – The Information Technology & Innovation Foundation, not ITIL. Cindy Wolf

  3. Interesting that there’s not more press about this — especially from the U.S. side, where the negative spin can be damaging for businesses. Still, regardless of where one lives on the globe the idea of being spied on is unsettling. Those of us who lead pretty simple lives are paying for the actions of a few bad apples.

  4. Basically, you’re saying no cloud, nowhere is going to offer significantly more privacy and security than the US providers. I don’t agree with commenter HH that public clouds are safer than on-premises private clouds like the Cloudlocker. In the US, the law says after 180 days you lose the “expectation of privacy” for files stored in public clouds.
    Also, the big providers like Dropbox, Google, Apple, etc., disclose in their T&Cs that they look through your files, but they say it’s only to find “better ways to serve” their customers, i.e., they’re looking for faster ways to get more money out of your wallet. And they share this info with their affiliates and sell it to others.
    One more thing about public clouds. What goes up doesn’t comes down. You can’t obliterate all traces of any file you ever uploaded. They keep backup copies forever. It’s not clear who can look at these with our without telling you or getting your permission. You can delete your files from Dropbox, you can close your account, but Dropbox, or whoever, will always have backups that NSA or whoever can look at. None of this happens when you keep everything in a private cloud, and the Cloudlocker is a good example. When all your stuff is in your house, they still need a warrant and probable cause that you’re a bad guy. That’s the way it used to be. That’s the way it’s supposed to be. I think private clouds will eventually supplant all the giant public cloud services for this one simple reason.

  5. No arguments here about the lack of privacy in the public cloud. No one bothers to read the terms of service that clearly don’t give the customer an expectation of privacy.
    Perhaps someone more technical than me can explain , however, whether public vs. private really matters as long as the data is being transmitted over the Internet? The GCHQ data gathering is at the transmission level – undersea fiber-optics. It appears that the NSA is also after encryption codes considering the latest news about Lavabit’s shutdown (just my speculation) and the US has strict export rules around types of encryption anyway. When an Internet transmission is broken into packets and sent via multiple pathways, how do you know it hasn’t passed a government collection point on the way to a private cloud? Thanks for sharing your expertise.

Comics

At CloudTweaks, we're plugged into the cloud, the internet of things and all that the web has to offer. From wearable technology, to mobile computing, cloud computing and big data, CloudTweaks is your source for updates and news on the most innovative technology.

Popular

Top Viral Impact

Big Data Analytics Adoption

Big Data Analytics Adoption

Big Data Analytics Adoption Big Data is an emerging phenomenon. Nowadays, many organizations have adopted information technology (IT) and information systems (IS) in business to handle huge amounts of data and gain better insights into their business. Many scholars believe that Business Intelligence (BI), solutions with Analytics capabilities, offer benefits to companies to achieve competitive…

Cloud Infographic – Monetizing Internet Of Things

Cloud Infographic – Monetizing Internet Of Things

Cloud Infographic – Monetizing Internet Of Things There are many interesting ways in which companies are looking to connect devices to the cloud. From the vehicles to kitchen appliances the internet of things is already a $1.9 trillion dollar market based on research estimates from IDC. Included is a fascinating infographic provided by AriaSystems which shows us some…

Cloud Infographic – Cyber Security And The New Frontier

Cloud Infographic – Cyber Security And The New Frontier

Cyber Security: The New Frontier The security environment of the 21st century is constantly evolving, and it’s difficult to predict where the next threats and dangers will come from. But one thing is clear: the ever-expanding frontier of digital space will continue to present firms and governments with security challenges. From politically-motivated Denial-of-Service attacks to…

IBM and SAP Announce Industry’s Largest Cloud Deal

IBM and SAP Announce Industry’s Largest Cloud Deal

IBM and SAP Announce Industry’s Largest Cloud Deal IBM and SAP have shaken the cloud computing world this afternoon with the announcement of one of the largest cloud deals in the industry’s history – bringing together two of the largest technology companies in a bid to offer a more holistic service to their clients. SAP…

Featured Sponsors

Watching You Shop: Stores And Mannequins “Read” Their Customers And Respond

Watching You Shop: Stores And Mannequins “Read” Their Customers And Respond

Watching You Shop The mannequin in the store window stares blankly ahead as shoppers look at the clothes it is dressed in and contemplate a purchase. One shopper makes some comments. “It’s nice. I wonder if they have my size.” Another takes a few steps inside the store to see where these particular clothes might…

The Internet of Everything Opens Up The World

The Internet of Everything Opens Up The World

Shaping The World With New Technologies As a connected collection of intelligent objects, the Internet of Everything promises to open up those areas of the world hardest hit by economic, political and agricultural blights. Relatively inexpensive devices, paired with revolutionary energy sources and unprecedented access to information offer great promise to farmers and workers in…

Sponsors

What Is A Hybrid Cloud?

What Is A Hybrid Cloud?

What Is A Hybrid Cloud? With the emergence of cloud-computing technology comes the addition of new terminology. The terms public cloud and private cloud are reasonably well understood. However, a hybrid cloud can mean different things to different people. Under The Engine Perhaps the best way to define or explain a hybrid cloud is to…

Placement Opportunities - Find Out!

Established in 2009, CloudTweaks is recognized as one of the leading influencers in cloud computing, big data and internet of things (IoT) information. Our goal is to continue to build our growing information portal, by providing the best in-depth articles, interviews, event listings, whitepapers, infographics and much more.

You can help continue to support our community by social sharing, sponsoring, partnering or contributing to this great educational resource.

Contact

CloudTweaks Media
Phone: 1 (212) 763-0021

Join Our Newsletter