Are Server Providers Facing A Backlash Over Continued NSA Revelations?

NSA Revelations

Edward Snowden, the NSA, Heartbleed – it seems every technology story at the moment is in some way linked to these topics. Whether or not you believe that the NSA was directly involved in the Heartbleed security flaw, it is apparent that cloud customers around the world have been rattled by the disclosure of mass government surveillance and security leaks.

What affect have these revelations and worries had on United States-based cloud providers?

Contract Cancellations

A Cloud Security Alliance (CSA) survey found that ten percent of non-United States companies cancelled contracts with American service providers following the admission of the NSA spying program in the middle of 2013.Worryingly for those providers, the survey also found that a massive fifty six percent of respondents are now reluctant to work with any US-based cloud service. Only thirty percent of those surveyed said that ‘spygate’ would have no impact on their use of cloud services.

The data surprised senior figures within the cloud computing industry. Jim Reavis, Co-Founder and Executive Director of the CSA, said the level of scepticism was greater than he expected, but pointed out that he “thought that more people would understand that these activities happen all the time in their countries as well”. Whether or not other countries conduct the same level of covert operations is not clear.

Foreign Intelligence Surveillance Act

Most customers cited one major stumbling block that would need to be addressed before they once again consider American cloud providers – transparency about the US Government’s use of secret orders from the Foreign Intelligence Surveillance Act (FISA).

With internet giants such as Google, Microsoft, and Yahoo all being regularly subjected to FISA court orders, the report showed an almost unanimous call for the White House to disclose more information about the details that are being requested.

Virtually everyone that responded said that providers need to be able to provide at least aggregate information on what they are doing” Reavis said, pointing out that a majority of respondents want hosting companies to be allowed to disclose how many NSA requests they get for each customer record, what kind of information is being requested, and how much is being provided.

European Concerns

The region that cloud providers will be most concerned by is Europe. The cloud is already suffering from a slower uptake in Europe than in North America, and even before the Wikileaks disclosures last year European regulators had published a report warning about how FISA can be used to target non-US individuals located outside America.

The report stated that “FISA can be seen categorically as a much graver risk to European Union (EU) data sovereignty than other laws hitherto considered by EU policy makers” – a quote that led one European-based security firm to note that “”Right now, there are many customers who don’t want to buy American”.

After the Snowden leaks the EU Parliament voted to investigate the privacy and civil rights implications of the NSA spy programs on European citizens. The report is still being conducted, but it is certain that its conclusions will not be favourable for American cloud providers.

The Solution

What do you think is the solution the problem of trust and privacy in the cloud? Is it an inevitability of modern life that other people will be able to learn everything about us merely by switching on a computer, or is government spying an unacceptable level of intrusion?

By Daniel Price

Bruce Guptill

How CFOs and CIOs See Finance Management Priorities

Cloud and the Finance-IT Effectiveness Gap IT leaders today tend to be much better aligned with business and operational leaders and business goals than they were just five years ago. Unfortunately, they are still not ...
Christian Buckley

The Evolution of SharePoint Customization

When I started working with SharePoint back in 2005, deploying WSS 2.0 followed and then SharePoint Portal Server 2003 for a large client, the concept of "customization" as we define it today was not really ...
Ajay

Deep learning to avoid real time computation

Avoid real time computation “The underlying physical laws necessary for the mathematical theory of a large part of physics and the whole of chemistry are thus completely known, and the difficulty is only that the ...
Anita Raj

Will there be a normal to go back to after COVID-19?

The COVID-19 Aftermath Until November last year, not one of us would have expected life to take such a dramatic turn in as short as 4-5 months. Yet here we are - confined to our ...
Patrick Joggerst

Session Border Control as a Service: Faster, More Secure and Dramatically Less Complex Enterprise Communications

Session Border Control as a Service As businesses are increasingly moving to cloud-based unified communications (UC) for improved collaboration and productivity, they must also ensure that their networks and systems are as secure as possible ...
DivvyCloud Podcast

Episode 7: Haste Makes Waste: The Dangers of Rushing to the Cloud

Dangers of Rushing to the Cloud The pressure to accelerate your company’s plans to move to the public cloud is substantial. But it should never be taken lightly. It’s a democratized world far away from ...