About November, 2013, I wrote in this blog a 3 post series about one of the consequence of the NSA espionage, as the data disclosed by Snowden were been made public and analyzed; they were titled Personal Data Privacy & (Europe’s) Cloud Regulation: (I) The dilemma, (II) The privacy approach; and (III) Resignation?? . In these posts I made my own conclusions:
- Finding the balance between Personal Data Privacy and Business Regulation is keyand it’s not easy to solve this dilemma, even harder when the business is around a technology like the Cloud where free movements of data is intrinsic a one of its advantages.
- Data security must be improved (the use of strong encryption that can protect user data from all but the most intense decryption efforts).
- Finally, another worrying reflection to made is that NSA has shown that it is also subjected to the same risks of Data Loss (it doesn’t matter the way) as any other Business, and Snowden is certainly not the only one who had access to those private data of other people
- I understand better why (although very slowly) the European Commission wants to regulate more strictly about some related subjects, despite that measures may cause a negative impact in both business and innovation.
Now it’s been found that NSA activities changed cloud buying patterns, according to NTT and Peer 1 different surveys.
On one hand, a survey conducted by NTT communications (titled “NSA Aftershocks: How Snowden has changed IT decision-makers’ approach to the cloud”) shows the consequences of the NSA activity in the US mainly, but aslo in Canada, UK, France, Germany, Hong Kong. And, from my point of view, the main results found are:
- Almost nine tenths of ICT decision-makers are changing their cloud buying behaviours in the wake of Edward Snowden’s cyber-surveillance allegations.
- Only 5% of respondents believe location does not matter when it comes to storing company data
- It found 25% of UK and Canadian IT decision makers said they had made plans to move company data outside of the US
Please let me quote (and extract) this 9 point summary of report conducted by NTT communications, according to Press Release published by the same NTT:
1) 88% of ICT decision-makers are changing their cloud buying behaviour, with 38% amending their procurement conditions for cloud providers
2) Only 5% of respondents believe location does not matter when it comes to storing company data
3) 31% of ICT decision-makers are moving data to locations where the business knows it will be safe
4) 62% of those not currently using cloud feel the revelations have prevented them from moving their ICT into the Cloud
5) ICT decision-makers now prefer buying a cloud service which is located in their own region, especially EU respondents 97% and US respondents 92%
6) 52% are carrying out greater due diligence on cloud providers than ever before
7) 16% is delaying or cancelling contracts with cloud service providers
8) 84% feel they need more training on data protection laws
9) 82% of all ICT decision-makers globally agree with proposals by Angela Merkel for separating data networks
Note: The survey questioned 1,000 ICT decision makers on their approach to the Cloud, and took responses from decision-makers in France, Germany, Hong Kong, the UK and the US.
Besides, on the other hand, Peer 1 surveyed 300 companies about storing data in the US to analyze the effects of the NSA activuty (after Snowden revelations) and they found that (let me add to the previous NTT’s list):
10) It found 25% of UK and Canadian IT decision makers said they had made plans to move company data outside of the US.
Note: See this DataCenter Dynamics news for more details.
Finally it’s well know the change of policy in Microsoft some months after Snowden scandal:
11) Microsoft allowed its foreign customers to move personal data stored on servers outside of the US in January following the scandal.
Coming back to the NTT Report, its Vice President of Product Strategy in Europe, Len Padilla, said the results show the NSA allegations have changed ICT decision-makers attitudes towards cloud computing and where data is stored.
He said decision makers, however, need to keep in mind the benefits that cloud can bring to business services. And he also adds:
“Despite the scandal and global security threat, business executives need to remember that cloud platforms do help firms become more agile, and do help foster technology innovation, even in the most risk-averse organizations”
“ICT decision-makers are working hard to find ways to retain those benefits and protect the organization against being compromised in any way. There is optimism that the industry can solve these issues through restricting data movement and encryption of data”.