BETA
This is a BETA experience. You may opt-out by clicking here

More From Forbes

UK And Germany Double Down On Joint AI, Clean Energy R&D Efforts
Decarbonizing Heavy Transportation: Quantron's Michael Perschke On Pioneering Hydrogen Solutions
Bridging The Digital Divide In The AI Era - The UNDP Way
Big Tech Ramps Up Content Moderation Amid EU Pressure
Spain's Successful Miura 1 Launch Reignites Europe's Hopes For Space Exploration
UNESCO And The Netherlands Launch Initiative To Ensure Ethical Oversight Of AI
Edit Story
ForbesTech

Do European Cloud Customers Trust US Vendors Post-Snowden?

Ben Kepes
Former Contributor
Opinions expressed by Forbes Contributors are their own.
I cover how technology helps business compete.
This article is more than 9 years old.

Prior to the Edward Snowden revelations, there was little that European cloud vendors could hang their hats on in the face of overwhelming dominance by their US competitors. Amazon Web Services (AWS) and, to a lesser extent, the other cloud infrastructure vendors seemingly had the market sewn up. And then came along Mr. Snowden with his revelations and a spotlight was shone upon US companies and the risks involved with them.

I’ve always been a little bit skeptical about how much of a difference where your cloud vendor is based really makes in terms of governmental surveillance. It seems to me that what Snowden and the broader NSA revelations have shown us is that most governments fold to US demands when the pressure goes on. Add to that the fact that it looks increasingly likely that the NSA has access to international internet pipes and it seems that the idea of protection by using a non-US vendor is illusory.

That said, the reality, and what people's perceptions indicate are often two very different things. A recent study conducted at the InfoSec Europe Conference by vendor Perspecsys would seem to highlight this disconnect between reality and perception. Over half of those surveyed stated that they “don’t fully trust US clouds”. 62% of respondents felt that using a European-based cloud is easier from a regulatory and compliance perspective. At the event there was much discussion of the recent ruling from a US judge who ordered Microsoft to provide emails to authorities, even email data that was stored in European-based data centers.

Other findings from the study include:

  • Cloud adoption is widespread – 80% of InfoSec Europe attendees use some sort of cloud applications
  • Many IT departments do not trust US -based clouds:
  • 47% believe their data is more secure contained in European-based versus US-based clouds
  • 62% believe that negativity toward US clouds is justified, based on reports of the NSA having visibility into this data
  • 59% do not believe that European-based government agencies conduct practices to the same extent as the NSA

Of course there are far better ways to ensure security than just choosing a non-US vendor. How about great encryption for a start? Don't rely on vendors to ensure protection, be proactive in taking steps yourself. Investigate a third-party provider that can deliver encryption and give the user the ability to use their own encryption keys.

Simply deciding to move away from US vendors is a non-nonsensical approach to solving this problem, partly because it's likely to be ineffective but also because it likely leads to missing out on many of the advantages that said vendors can deliver. Rather, a more mature, reasoned and contextual approach towards the problem is what's called for. Look at the data in question, assess the risks and consequences of surveillance and act accordingly.

Ben Kepes
Ben Kepes