European cloud providers can exploit the privacy issues raised by NSA’s Prism mass surveillance program, according to a report
Thirty five billion dollars – that’s the amount United States-based cloud providers are likely to lose within the next three years from the fallout of revelations that federal security agencies were collecting metadata from American technology companies.
European cloud providers can exploit the privacy issues raised by the blown National Security Agency’s Prism mass surveillance program to win over more customers and eventually wrest from U.S. firms their cloud computing leadership, according to report released by the Information Technology and Innovation Foundation (ITIF).
“The impact of Prism on U.S. companies may be particularly acute because cloud computing is a rapidly growing industry,” wrote Daniel Castro, author of the report. “…Rival countries have noted this opportunity and will try to exploit it.”
Europeans are “trying to edge out” American from their leadership in the global enterprise public cloud computing market which is poised to become a $207 billion by 2016, he said.
Earlier this year, former NSA security contractor Snowden leaked to the media that U.S. intelligence agencies are secretly empowered by law to compel American companies to release metadata on their customers’ phone and online communications. The NSA said data gathered through Prism had been instrumental in thwarting terrorist attacks.
Snowden has fled the U.S. and is now in asylum in Russia where he has received several job offers.
Castro said just how much business cloud providers south of the border might lose due to Prism is still unclear but it is possible that U.S. firms might have to forego anywhere from $21.5 billion to $35 billion by 2016.
Castro wrote that data on which he based his assumptions are “still thin” and that the situation is still developing and likely to change.
Even as the ITIF report about Prism’s impact on U.S. cloud providers began circulating in the media, Silent Circle, a U.S.-based encrypted email service, said on Friday that it was shutting down. The company also offers Silent Phone, an encrypted mobile video and voice service, Silent Text, an encrypted business document service and Silent Eyes a secure teleconferencing platform.
In an email to its customers, the firm said it went to business to offer secure communications services to people has “reconsidered this position” in the light of the government’s surveillance actions and the recent closure of Lavabit. Silent Text said it has not been subpoenaed and has not received any warrants but “We see the writing on the wall, and we have decided it is best for us to shut down Silent Mail now.”
Lavabit is another encrypted email service provider. It was reportedly used by Snowden. Lavabit’s owner said he was shutting his company to prevent being “complicit in crimes against the American people.”
The Lavabit and Silent Circle closures reflect concerns of email providers about the U.S. Foreign Intelligence and Surveillance Act which empowers federal agencies to collect customer data from businesses. The act also comes with a gag order that prevents service providers from discussing in public the order for the disclosure of customer data.
Europe-based cloud providers have in the past used U.S. government actions to their advantage said Castro.
“One tactic they used before the Prism disclosures was to stoke fear and uncertainty about the U.S.A. Patriot Act to argue that European businesses should store data locally to protect domestic data from the U.S. government,” said Castro.
He quoted Reinhard Clemens, CEO of Deutsche Telekom as saying in 2011 that laws requiring American firms to hand over customer data to government agencies could be an advantage to the Deutsche Telekom: “Certain German companies don’t want others to access their system. That’s why we’re well positioned if we are to say we’re a European provider in a European legal sphere and no American can get to them.”
After the Prism scandal broke out German Interior Minister Hans-Peter Friedrich said: “whoever fears their communications is being intercepted in any way should use services that don’t go through American servers.”
Castro pointed out that a 2013 survey by the Informa Cloud World Global Insights survey found that 71 per cent of its respondents considered the U.S. to be the leader in cloud computing usage and innovation. However, other countries are catching up.
Of the $13.5 billion in investments in cloud computing that service providers made in 2011, $5.6 billion came from countries outside North America.
In order to preserve its global cloud computing leadership, Castro recommends that the U.S. government set the record straight about “what information it does and does not have access to” and how its level of access compares to those of other countries.
He said this would require declassifying information about Prism.
Castro also said the government should establish clear international transparency requirements that cover U.S.-based and non U.S.-based companies and disclosure of data to both domestic and foreign governments.
“Many of the economic benefits of cloud computing, such as job growth and revenue, are dependent on the United States being able to export cloud computing services,” he said. “…It is clear that if the U.S. government continues to impede U.S. cloud computing providers, other nations are more than willing to step in to grow their own industries at the expense of U.S. businesses.”