NSA's Prism Could Cost U.S. Cloud Companies $45 Billion

Losses may total between $35 billion and $45 billion in next three years due to lost business stemming from disclosure of NSA monitoring, new research predicts.
Staten pointed out that the U.S. isn't the only country conducting government surveillance of traffic flowing through Facebook, Google, Microsoft, Yahoo, Apple and other big Internet-based services -- but it's the only one in the news. Germany has its own equivalent to the NSA, the BND, but little is known about what its surveillance practices are. The U.K. maintains a strong surveillance system over public transit and city centers and is likely to have one over its Internet pathways as well. India reportedly mounts its own electronic watch against potential intruders and terrorists.

Staten said the fallout from the Prism news on U.S. companies is likely to be "particularly acute because cloud computing is a rapidly growing industry. This means that cloud computing vendors not only have to retain existing customers, they must actively recruit new customers to retain market share."

Global spending on the cloud will grow 100% between 2012 and 2016. The global IT market is growing 3%, he pointed out. "If U.S. companies lose market share in the short term, this will have long-term implications on their competitive advantage in this new industry," he concluded.

But it may be too soon to estimate the long term effects of Snowden's revelations and subsequent flight to Hong Kong and Russia. Data Center Knowledge, a news site devoted to the latest data center technology, pointed to a survey by Netcraft, a U.K. firm that tracks Internet servers. It found the number of websites hosted in the U.S. from overseas has grown since the Snowden disclosures. In the month of July, 3.6 million websites left the U.S. to hosts overseas. That sounds like a large number, but about 3.9 million moved into the U.S. from other countries, for a net gain of 270,000 additional sites.

Germany, with its strict rules on data privacy, was the most popular point of departure for websites moving to the U.S. "Nearly 1.2 million sites moved from German hosting companies. This was followed by Canada, where 803,000 sites hopped across the border to the US," Netcraft reported.

"Netcraft's monthly Web Server Survey suggests that if multi-national customers have concerns about being hosted in the U.S., they're not acting on them -- at least not yet," wrote Data Center Knowledge editor in chief Rich Miller.

Netcraft also reported that of the 10,000 most popular websites in the world, 40 had moved away from the U.S. since the Snowden revelations. But 47 moved into the U.S., leaving the U.S. with a net gain of seven.

It may take more than 30 days for major cloud customers to decide to move their business, or the sensitive parts of their business, away from U.S. providers. The Netcraft Web server and website data is one indicator. But Netcraft doesn't look down into the repositories of business data, customer data and international patient data that may in fact be starting an outward migration, one that will make Staten's projection of a $45 billion loss by 2016 a reality.

Staten and others agree with the ITIF recommendation that the U.S. must state what data it has access to and the rules that govern that access. It must also establish a judicial check on what security agencies may do to obtain data.

He also recommended that the U.S. lobby other nations at the next G30 economic summit to jointly draft "international surveillance transparency rules that will take any potential chill off the burgeoning cloud computing market."