The Brexit vote could impose changes on how cloud providers operate within the UK, but those changes might not be as bad as people fear. However, a lot depends on whether England follows the European Union's data privacy regulations.
When the UK exits the EU, will it take Europe's transnational cloud with it?
London, after all, has been emerging as both the financial services and cloud center of Europe. With the London Stock Exchange hosting the publicly traded companies of many European nations, and London banks financing mergers and acquisitions, London was the logical place for cloud providers to establish their next round of data centers.
Amazon Web Services and Microsoft are in the process of adding to their cloud facilities in the UK. IBM has already done so. All were trying to establish cloud centers close to what has become the emerging financial center of the EU.
On Nov. 5, Amazon Web Services CTO Werner Vogels announced that Amazon would build a cloud facility in the UK with three availability zones, in a blog post entitled: "London Calling! An AWS region is coming to the UK." The center would provide "lower latency and strong data sovereignty to local users," he said.
Five days later, Microsoft CEO Satya Nadella said during a visit to the UK that the company will have its first cloud data center operating in the country by late 2016.
(Image: Craig McCausland/iStockphoto)
IBM added a London data center to its public cloud chain in July 2014, adding to those it gained in its 2013 acquisition of SoftLayer.
Google may or may not have its eyes on London.
In March, it announced it would expand to 10 new regions after completing new facilities in Oregon and Japan, including new locations in Europe. But Google officials haven't mentioned the UK as a sure cloud site. In a Sept. 23, 2014, Google blog, it named four centers in Europe that didn't include London. This Google site lists those it talked about at that time.
For the cloud providers other than Google, is London still calling or does Brexit change the scope of their UK plans? Amazon declined comment on the consequences of the Brexit vote. Google, IBM and, Microsoft had not responded by press time.
But other observers saw cloud fall-out in the vote. Both S&P Global Ratings and Fitch lowered their ratings of the UK as a credit risk, from AAA to AA and AA+ to AA, respectively. The UK government has actively sought to make the country a site for technology startups. Last year it accounted for 43.9% of Europe's startups. In the first quarter of this year, that figure rose to 45.1% in the first quarter of 2015, according to a report by CB Insights.
But the main impediment to the expansion of cloud services in the UK is the fact that after an exit, no one is clear how Britain's laws on data governance will match up with those of the EU. By May 25, 2018, the EU will be subject to the General Data Protection Regulation, which the European Commission adopted April 27 with the goal of implementation 25 months later.
It does such things as enforce the right for individuals to ask that data be erased, a provision the EU applies to Google Search already. It requires a chief data protection officer be appointed at companies engaged in EU trade. It requires individuals actively give their consent when their data is being collected by ecommerce systems. It also specifies when consumers are to be notified in the event of a breach.
Even if the UK exits from the EU, it will still be subject to the provisions of the GDPR, warns Geeman Yip, CEO of BitTitan, in an interview with InformationWeek. BitTitan, an enabler of cloud services for enterprise users. Yip said he is thinking of opening a BitTitan office in Europe, and the UK would be more attractive to him if it didn't enact all of the GDPR rules.
"For a 10 or 20 person company to have a chief data protection officer is a real stretch," he said, and it's a stretch for his own company, with 200 employees. "If the UK does not adopt GDPR, if it takes a more relaxed approach, I'm more inclined to expand my company in there," he said. BitTitan was established in 2007 and is headquartered in Seattle and Singapore.
But not everyone sees a gain in a separate British approach to data and the cloud. Dana Simberkoff, the chief compliance and risk officer for AvePoint, a data management software supplier in Jersey City, N.J., wants to sell its products in the UK and EU without putting out different versions.
In two years' time, if the UK has exited, "companies doing business with European customers will need to comply with the GDPR," Simberkoff said in an interview. That fact will render moot any difference in regulation that Britain might claim from the continent. And instead of making that claim, it's more likely the British government will hurry to bring its own regulations into compliance with the GDPR in order to avoid losing trade, she said.
Despite an exit, "companies will continue on the path that they're on" before the exit because it's a requirement of international business, Simberkoff said. "It's very difficult to build borders around data these days. It's kind of like water, borderless."
If the UK maps out the equivalent of the GDPR, then "it would be much more likely that nothing much changes at all," she added.
One positive outcome would be if Britain sought to adopt the GDPR but imposed some simplification and clarification on it. The GDPR "is very lengthy and complex. It needs to [be] clarified over time," Simberkoff said.
More Uncertainty Ahead
There are other consequences to the Brexit vote that threaten to isolate Britain further, even if it seeks GDPR compliance in the aftermath.
And what if the Brexit vote sets off a renewed desire for independence in both Northern Ireland and Scotland, as some predict that it will? They voted to stay as the English voted to leave. Does the UK warrant more data center investment by cloud providers if it's not so united anymore?
"People need to take a deep breath," said Simberkoff said. If the UK could clarify its data regulations, it would allow both cloud computing and general business to progress with fewer doubts. For AvePoint and other companies trying to do business on both sides of the channel, "a greater sense of certainty" would be their most desired resource.
Charles Babcock is an editor-at-large for InformationWeek and author of Management Strategies for the Cloud Revolution, a McGraw-Hill book. He is the former editor-in-chief of Digital News, former software editor of Computerworld and former technology editor of Interactive ... View Full Bio
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
2017 State of IT ReportIn today's technology-driven world, "innovation" has become a basic expectation. IT leaders are tasked with making technical magic, improving customer experience, and boosting the bottom line -- yet often without any increase to the IT budget. How are organizations striking the balance between new initiatives and cost control? Download our report to learn about the biggest challenges and how savvy IT executives are overcoming them.