Cloud // Infrastructure as a Service
News
8/14/2013
07:47 PM
Connect Directly
Twitter
RSS
E-Mail
50%
50%

NSA's Prism Could Cost U.S. Cloud Companies $45 Billion

Losses may total between $35 billion and $45 billion in next three years due to lost business stemming from disclosure of NSA monitoring, new research predicts.

9 Android Apps To Improve Security, Privacy
9 Android Apps To Improve Security, Privacy
(click image for larger view)
The revelations about the monitoring of phone calls, emails and Internet traffic by the National Security Agency's Prism program will cost U.S. cloud suppliers either $35 billion, $45 billion, or maybe not so much, depending on how you interpret recent data on the continued use of hosting services, according to analysts looking at the aftermath of the Edward Snowden leaks.

The $35 billion figure springs from a recent survey by the Cloud Security Alliance, which found that 56% of 500 respondents said the disclosures by the fugitive NSA systems administrator would cause them to lose non-U.S. business. Canada, plus Germany, France and other European countries, have rules that require companies to guarantee the privacy of data that originates within their borders. Most comply by keeping the data on storage inside its country of origin.

Daniel Castro, an analyst at the Information Technology and Innovation Institute, a technology think tank, used that figure to project that U.S. cloud service suppliers are likely to lose $22 billion to $35 billion in business to European rivals over the next three years. The rivalry is already well entrenched, with European governments investing in future competitors of U.S. companies.

Castro reported that Jean-Francois Audenard, the cloud security advisor to France Telecom, "said with no small amount of nationalistic hyperbole, 'It's extremely important to have the governments of Europe take care of this issue. ... If all the data of enterprises is going to be under the control of the U.S., it's not really good for the future of the European people.''' France recently invested 135 million Euros in a joint cloud venture with French business.

[ What can you learn from the NSA? See The NSA And Big Data: What IT Can Learn. ]

The losses by U.S. companies could be greater, concluded James Staten, lead cloud analyst at Forrester Research, after reviewing Castro's report. Castro's analysis looked only at the business that might be withdrawn from U.S. providers by foreign companies and concluded that 20% of that business was at risk of going away regardless of security questions. Staten said some cloud users in the U.S. will also have to bypass U.S. cloud providers and move part of their business overseas to satisfy their international units and customers. That would add $10 billion to Castro's total, he said.

"European Union rules require data about EU citizens be stored and retained in the EU ... so seeking an EU-based cloud provider or non-cloud IT provider would be a prudent tactic for a U.S. business," Staten noted in a lengthy blog post dated Aug. 14.

Staten wrote that Neelie Kroes, European Commissioner for Digital Affairs, summarized the problem: "If European cloud customers cannot trust the United States government, then maybe they won't trust U.S. cloud providers either. ... If I were an American cloud provider, I would be quite frustrated with my government right now." Between now and 2020, the consequences may be a shift in billions of dollars worth of business away from American suppliers to European suppliers, Kroes predicted.

The data privacy rules don't only apply in European countries. Canada has strict requirements on its citizen's medical records. Since the U.S. Patriot Act was passed, Canada has forbidden medical information on its citizens to be stored on U.S. servers. It's unlikely that concern would be eased by the Snowden revelations.

Pat O'Day, co-founder of the VMware-compatible cloud service, Bluelock, said there are many VMware customers in Canada that have an interest in a cloud supplier for backup and recovery purposes. Bluelock offers such a service, geared to work with the VMware product set. But he finds Toronto customers moving their data across the continent to suppliers in Vancouver "just to keep it on the north side of the border," rather than turn to a closer provider in Indianapolis.

"Both data and IP concerns were already driving decision-making behavior for our northern neighbors due to the Patriot Act. But the recent NSA situation is unfortunately underscoring and exacerbating the issue," O'Day said in an email.

Previous
1 of 2
Next
Comment  | 
Print  | 
More Insights
Comments
Oldest First  |  Newest First  |  Threaded View
Laurianne
50%
50%
Laurianne,
User Rank: Author
8/15/2013 | 3:46:55 PM
re: NSA's Prism Could Cost U.S. Cloud Companies $45 Billion
Staten, a longtime cloud industry expert, is not known for over-estimating, which makes his prediction all the more worth noting.
Thomas Claburn
50%
50%
Thomas Claburn,
User Rank: Author
8/15/2013 | 8:13:03 PM
re: NSA's Prism Could Cost U.S. Cloud Companies $45 Billion
Former Citibank CEO Walter Wriston observed that capital goes where it's wanted and stays where it's well-treated. Since modern currency is just data, data flight from the U.S. cloud industry isn't a surprising outcome given the unwillingness of U.S. authorities to accept limits on surveillance.
GHCro
50%
50%
GHCro,
User Rank: Apprentice
8/15/2013 | 11:05:29 PM
re: NSA's Prism Could Cost U.S. Cloud Companies $45 Billion
I don't understand this. The ITIF report says "the reality is that most developed countries have mutual legal assistance treaties (MLATs) which allow them to access data from third parties whether or not the data is stored domestically."

This tells me that no data is secure nowhere no how. So why would US cloud providers suffer such losses? It doesn't make sense unless the assumption is they don't know how to fight back with the facts.

I think the real threat to cloud providers across the globe is coming from the rise of private cloud providers like Cloudlocker (www.cloudlocker.it), at least on the consumer side. I think it's new products like this plug n play device that pose the biggest threat to the old-line public cloud services, which have always suffered from fatal flaws in privacy and security.

The private, personal clouds like the Cloudlocker eliminate these flaws, and that's why I see them taking over this space, soon to be followed by enterprise-level versions of private clouds, once good ol Yankee ingenuity kicks in. One door closes, another door opens.
OtherJimDonahue
50%
50%
OtherJimDonahue,
User Rank: Apprentice
8/15/2013 | 11:08:01 PM
re: NSA's Prism Could Cost U.S. Cloud Companies $45 Billion
The estimates make me think of Rob Preston's recent column on grabbed-out-of-thin-air statistics. (Though Laurianne's comment gives me pause.)
KPERRY6378
50%
50%
KPERRY6378,
User Rank: Apprentice
8/16/2013 | 5:03:35 PM
re: NSA's Prism Could Cost U.S. Cloud Companies $45 Billion
Agreed (and most people don't get that currency is not stored value; much better described as information, so very key point).

So, I'm looking at these developments with no small amount of dread. Cross border data management is a high enough hurdle to manage, both with complex, conflicting regulations and double-standards in many jurisdictions. Favorite quote, ". ... If all the data of enterprises is going to be under the control of the U.S., it's not really good for the future of the European people.''' My interpretation: a lot more attention will be payed, and it will get much more difficult to manage multi-national operations. Costs will go up, efficiency down.

Lack of "rule of law" creates friction. Friction is bad.
Michael Endler
50%
50%
Michael Endler,
User Rank: Author
8/17/2013 | 6:05:18 AM
re: NSA's Prism Could Cost U.S. Cloud Companies $45 Billion
If and when Snowden finally stands trial, I wonder if stats like this one will be used to demonstrate how his leaks hurt American interests. It wouldn't be much different than what prosecutors argued in the Bradley Manning case. The Manning case involved national security, whereas these stats refer to economic consequences-- but still, several parallels. As Snowden's many supporters demonstrate, a lot of people would argue the United States damaged its own interests by deploying PRISM to begin with. In a legal court, I have the feeling this sort of argument might be allowed to stand-- but in the court of public opinion, much more interesting question.
cbabcock
50%
50%
cbabcock,
User Rank: Strategist
8/21/2013 | 7:44:46 PM
re: NSA's Prism Could Cost U.S. Cloud Companies $45 Billion
When you have a world-leading industry in cloud services and you give your best potential customers an excuse to temporize and build a local alternative, which they wish they had anyway, you're probably making a mistake.
MarciaNWC
50%
50%
MarciaNWC,
User Rank: Author
8/21/2013 | 9:31:43 PM
re: NSA's Prism Could Cost U.S. Cloud Companies $45 Billion
Not surprised that Prism on top of the Patriot Act would be a real headache for U.S. cloud providers. European cloud companies reportedly have been using the Patriot Act as a marketing tool against U.S. cloud companies.
WKash
50%
50%
WKash,
User Rank: Author
8/22/2013 | 8:41:39 PM
re: NSA's Prism Could Cost U.S. Cloud Companies $45 Billion
There is a certain irony that federal agencies are still investing in their own private clouds to protect their data.
ANON1242159798500
50%
50%
ANON1242159798500,
User Rank: Apprentice
8/30/2013 | 4:51:23 PM
re: NSA's Prism Could Cost U.S. Cloud Companies $45 Billion
"The rivalry is already well entrenched, with European governments investing in future competitors of U.S. companies."

It doesn't matter who.

All those Co. mine and sell data all day long 24/7 365. They all do. They don't all tell you about it ether or who they had sold it to.

The Corp.'s WORLD WIDE have been doing it since the release of the internet in the public venue.

They all make more money off of your blind trusts. If you are going to get down on one entity. You would be foolish, and even negligent not to address all of the problems. And that is all of the Co.'s, and Corp.'s, and all those that mine our data.

They haven't paid a dime to any of us, but are getting rich off of our data. They should have to pay modern market rates for every bit, and byte. Or just stop doing it period.

If you knew everything they did with it. The NSA probably wouldn't be the top of the list.

That's if it really is about what is right, and not what is profitable at any cost.
Multicloud Infrastructure & Application Management
Multicloud Infrastructure & Application Management
Enterprise cloud adoption has evolved to the point where hybrid public/private cloud designs and use of multiple providers is common. Who among us has mastered provisioning resources in different clouds; allocating the right resources to each application; assigning applications to the "best" cloud provider based on performance or reliability requirements.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest, Nov. 10, 2014
Just 30% of respondents to our new survey say their companies are very or extremely effective at identifying critical data and analyzing it to make decisions, down from 42% in 2013. What gives?
Video
Slideshows
Twitter Feed
InformationWeek Radio
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.