On Feb. 22, 2012, I raised the question, is cloud computing a global market yet?
The answer was, "nyet," in part because Russia, Brazil, Germany and various other countries insisted on setting barriers to the movement of data across their borders.
It is nearly five years later, and I would like to ask again, is cloud computing a global market finally? Again, the answer is nyet. If anything, the barriers have strengthened.
To IT managers, this can matter. Many enterprises, such as international Italian utility, Enel, are turning to the cloud to give themselves infrastructure in multiple countries. If their cloud provider doesn't have facilities in a country that requires data originating within its borders to stay within its borders, then that can become an operational problem.
Almost anyone can reach that conclusion by looking at the report by Nigel Cory released yesterday, from the Information Technology and Innovation Foundation. The foundation is a non-profit, non-partisan research organization focused on the intersection of technology innovation and public policy. Its report, The Worst Innovation Mercantilist Policies of 2016 has a ponderous name but substitute "protectionist" or "nationalist" for "mercantilist," and you'll catch its drift.
Want to read about the Chinese cybersecurity law passed last year? See China Inches Closer To Finalizing Strict Cybersecurity Law.
In 2012, the barriers to the free movement of data and consistent, cross-boundary access to cloud computing were the nationalist laws being passed that restricted users to suppliers in their own countries and restricted data to staying within the boundaries of the country in which it originated. Germany was one of the first to pass such a law as a barrier to the growing dominance of U.S. cloud service suppliers and the threat represented by the Patriot Act that gave the U.S. government access to data stored cloud servers.
The survey on which those conclusions were based had been conducted by BSA: the Software Alliance, a group of high tech companies that included IBM, Microsoft, Adobe,
In 2017, the surveyor has changed to the Information Technology and Innovation Foundation, but not much else is different. Among the conclusion of the ITIF are:
In 2016, China introduced cloud-computing restrictions that prevent foreign firms from operating in the Chinese market. Hello, Alibaba.
In 2016, China introduced a cybersecurity law that requires international companies operating in China to store data inside China. If they bring intellectual property and source into China for their Chinese operations, they must disclose what it is.
"China has the dubious distinction of of being the world leader in innovation mercantilism," Cory said in an announcement of the ITIF study.
Russia managed to go a step further. It too established a requirement to store operational data in Russia for those participating in the Russian economy. Mandatory disclosure of encryption keys is part of the new data/telecommunications law.
"Every nation wants to be a leader in innovation because it can be a key path to economic growth," said Cory, ITIF trade policy analyst and author of the report. "Unfortunately, as this global race for innovation advantage intensifies, some countries are ramping up destructive, beggar-thy-neighbor policies that tip market scales in favor of domestic production," he said in a summary of the study.
The makers of such policies tend to forget that "this doesn't just hurt their economic competitors; it hurts the entire global innovation ecosystem – and often the countries that put these policies in place," he added.
Other trouble spots for cloud operations, preservation of intellectual property and free movement of data include:
Turkey: In 2016, Turkey introduced a data protection law with such stringent data-transfer requirements that it acts as a de facto mandate to store data within Turkey's boundaries.
Vietnam: Vietnam introduced a local data storage requirement for Internet-based content providers. It also required companies to disclose encryption keys and source code to the government as a condition of doing business there.
Indonesia: Indonesia introduced local data storage requirements for Internet-based content providers.
Germany: Germany passed a telecommunications law that reaffirmed its requirement that data originating within Germany must stay within its borders. The law had not previously applied to parts of telecommunications operations that are now covered.
These were among the examples cited by Cory as he highlighted the restrictions on innovation and the use of cloud computing around the world. The ITIF has issued three previous reports on the subject. Here's a link to the Jan. 11, 2016, report on the restrictive nation-state activity of 2015.