Cloud providers and users are facing a real dilemma: The Safe Harbor agreement between the United States and European Union was struck down in October by EU courts, and a new agreement under review to replace it may not provide the ease of user-data transfer that U.S. companies seek -- and it may not protect user privacy enough either. That means uncertainty all around.
The EU is the latest government to voice concern that data stored on U.S. cloud servers would be subject to U.S. government seizures -- as the feds have already tried with a Microsoft server in Ireland. Thus, U.S. cloud providers cannot guarantee privacy, as required by EU laws, and the EU will not allow U.S. cloud servers to store its citizens' data. It's that simple.
The essence of cloud computing is to provide utility-based computing services that use any cloud resource available. If it's in another country, so be it. But the data-management laws come from a very different perspective: that of data isolation.
If public cloud providers are forced to build and operate infrastructure in each country that has a beef with data transmission outside its borders, they can easily comply. But doing so will raise costs, which are passed down to the users. In some cases, the price hikes will undo the cloud's economic viability.
But there's more at risk than cost efficiency. IT organizations, providers, and consultants (like me) will also be burdened with taking on legal expertise to understand and comply with the changing rules and regulations, because most of the larger corporations are multinational. That means we won't be able to focus on the technology as much due to the increased attention on the changing, more-complex data-management rules. And the cloud will get much less efficient.
The trends to data isolationism are not good, and they benefit no one. I understand the motivation behind protecting sensitive data from bad actors -- but not at the price of draining value from a very important technology.
Sign up for CIO Asia eNewsletters.