A “fight between two giants” may be brewing, as France takes steps to counter the dominance of U.S. companies in cloud computing. Amid concerns about American laws that permit government monitoring of cloud data, business and government leaders across Europe have touted the need to build strong European mechanisms for cloud storage. This can affect users worldwide, of course, not just in Europe, and the effect on large-scale cloud users in the United States could be significant.
Bloomberg News reported in January that two giant French companies, France Telecom SA and Thales SA, had joined a venture with the French government to offer a “made in France” cloud network to French business, organizations, and individuals. The network would offer incentives or other measures to give preference to French companies and service providers. Business leaders specifically cited the degree of scrutiny and control the U.S. government can exercise over cloud data as the justification for the move.
German businesses have likewise advocated secure, domestic-based cloud storage not subject to U.S. jurisdiction. A CEO at Deutsche Telekom remarked last year that the German government should facilitate the construction of secure cloud networks localized in Europe. Customers, he said, have expressed a desire for cloud storage separate from American law enforcement and regulations. Proposals include possible restrictions on or requirements for the location of cloud servers holding privileged data.
At issue for American companies and cloud users is the effect of certain PATRIOT Act provisions on the management of cloud networks. Paul Miller at the technology blog CloudAve describes how European countries tend to adopt stricter rules regarding protection of personally identifiable information online, as compared to the United States. The PATRIOT Act, passed in the immediate aftermath of the September 11, 2001 terrorist attacks in order, ostensibly, to streamline certain law enforcement procedures, allows the federal government greater access to such information than many Europeans prefer. This has created the opening for European businesses to tout building cloud networks specifically for Europeans.
Microsoft, one of the world’s leading cloud providers, publicly committed to compliance with European data protection laws last year. Observers doubt, however, that they company can keep the U.S. government from accessing data that would be protected under European privacy laws, based on American laws like the PATRIOT Act and FISA. This has caused significant consternation in Europe’s tech community.
These moves by companies in France, Germany, and elsewhere to create a separate cloud network could cause difficulties for American users. American businesses that use cloud computing and cloud storage may rely on easy transmission of data across national borders, as companies may locate servers in multiple countries. Dividing the cloud network into separate national clouds has the potential to disrupt existing users’ access. Any such course of action would involve significant initial costs, measured both monetarily and as opportunity cost.
The extent of these possible disruptions is impossible to predict at this point. Businesses who make use of the cloud should remain aware of these situations in order to effective manage the risk posed to their data and to prevent possible losses.
Prism Risk Management provides businesses and organizations with risk and loss prevention consulting and offers services in loss control planning. To learn how our team can help your organization, contact us today.
More Blog Posts:
Texas Workers Comp: DWC Accepting Comment on Proposed Rules, Prism Risk Management Blog, November 8, 2011
Risk Management 101: What Makes Something Insurable by Property & Casualty Insurance? Prism Risk Management Blog, October 27, 2011
Texas Schools Feeling the Effects of Drought, Fires, Prism Risk Management Blog, September 26, 2011
Photo credit: ‘Storm Clouds over London’ by Garry Knight (Flickr: Storm Clouds over London) [CC-BY-SA-2.0], via Wikimedia Commons
Prism Risk Management, LLC 