Building an NSA-Proof Cloud

BERLIN – If Germany’s special parliamentary session on U.S. surveillance this week was any indication, European politicians are still worked up about former NSA contractor Edward Snowden’s leaks. Chancellor Angela Merkel declaredthat the revelations had “tested” U.S.-German relations. Green Party politician Hans-Christian Strobele urged the German leader to thank Snowden and offer him asylum for discovering that her cell phone “was probably bugged.” Merkeleven got called a “scaredy-cat” for not standing up to Washington.

The criticism comes as politicians in the region—from Estonia to Germany—are calling for the European Union to create a cloud-computing infrastructure of its own to compete with American providers like Amazon, Google, and Verizon.

The idea is that if the EU has its own cloud—and what form it would take, who would build it, and where it would be based remain unclear—then member states could compel providers to abide by the EU’s (comparatively) stricter data-protection rules. It’s part of a backlash against the long arm of the U.S. intelligence community that has echoes everywhere from Brazil to the United Nations.

One of the main proponents of a European cloud is EU Commission Vice President Viviane Reding, who was in Washington earlier this week to hammer out a treaty that would, if signed, assure that any EU citizens’ data stored in the United States be given the same privacy protections as U.S. citizens’ data (in the aftermath of the Snowden leaks, however, policymakers and privacy advocates in the U.S. are questioning the effectiveness of those protections).

Reding’s cloud formation plan essentially calls for EU nations to band together and create a European champion in cloud systems just as France, Germany, and Britain did in the 1960s, when they created aircraft manufacturer Airbus to compete with Boeing.

“For awhile now, I have been saying it’s time for the Europeans to build their own cloud,” Reding told a German radio station last week. “I think data protection needs to be thought of not as some extra cost, but something that makes us more competitive. When a company can guarantee that its customers’ data will remain secure, they will flock to you—it’s a golden business opportunity for European tech companies. It can become a sales argument.”

Indeed, part of the motivation here is a business one. European politicians want to see their companies exploit a gap in trust in U.S. companies as a result of the Snowden leaks. And two recent studies suggest that this is a sensible idea.

In one study of “industry practitioners and cloud-computing stakeholders” based outside the United States, the Cloud Security Alliance found that 56 percent of those polled would be less likely to work with U.S.-based cloud service providers due to data-protection fears. Another report by the Information Technology and Innovation Foundation suggested that the surveillance revelations could cost the U.S. cloud-computing industry $22 to $35 billion in lost revenues over the next three years.

Read more at The Atlantic