Who’s Looking at Your Data?

  • Jul 7, 2015
  • Share:
Protect your data with Cloud2Me's secure and safe cloud services

Data sovereignty has been a hot topic ever since Edward Snowden revealed the existence of the US government’s clandestine Prism surveillance programme in 2013. But is it a topic that should concern your business? Yes it should if wish to keep your or your customers’ confidential data and communications shielded from prying eyes.

For, as the recent Fifa scandal has shown, US laws have long arms that reach far beyond US shores. Even if a foreign business believes it is operating legally according to its relevant national laws, its electronic data trail — email servers, websites and so on — may involve US-owned infrastructure, which potentially makes it a legitimate target for US intelligence and law enforcement agencies.

As more businesses use cloud-based email, storage and productivity software such as Microsoft Office 365 or Google Apps, the risks become even greater. Many users sign up for these “cheap and cheerful” services without giving any thought to issues such as data sovereignty.

Of course, the revelation that the US National Security Administration eavesdropped on the internet communications of foreign citizens shouldn’t come as a complete surprise.

In the wake of 9/11 attacks, the Bush Administration granted unprecedented powers to the US security services to collect foreign intelligence without a warrant. That included eavesdropping on foreign communications traffic that passes through the US and personal data of foreign subjects hosted on internet servers located in the US. Almost all the data Prism collected came from severs operated by three US companies: Yahoo, Google and Microsoft.

What most worried data privacy advocates inside and outside the US was the compliant attitude of the US internet companies involved in Prism. They had all apparently chosen to quietly acquiesce to the NSA’s requests and systematically allow it to directly access their servers without any legal challenge, the leaked documents revealed.

If the eavesdropping had been limited to collecting foreign intelligence on specific targets to thwart a “real and present danger”, the uproar would perhaps have been more muted. But Snowden revealed that the eavesdropping was systematic, had been going on for for many years and was on a scale hitherto unsuspected — nearly one in seven intelligence reports relied on Prism data.

Snowden’s revelations caused widespread outrage, particularly in the European Union, whose strict data privacy legislation is meant to safeguard the data of EU citizens. When German chancellor Angela Merkel accused the US security services of having tapped her phone, diplomatic tensions between the US and EU grew further.

The outcry in the UK was even greater, as Snowden also revealed that the Government Communications Headquarters (GCHQ), the UK’s intelligence organisation, had also been allowed access to data collected via Prism and so had apparently chosen to flout British legal process.

The Prism revelations have had a big negative impact on trust in US hosting and cloud service providers. Analyst firm 451Research estimates that the loss of trust will cost US-based providers of hosting and cloud services tens of billions of dollars in international business over the next several years.

To allay fears about data privacy, US internet companies now offer EU customers the option to have their data hosted on infrastructure in the EU. Amazon, for example, lets European customers deploy Amazon Web Services exclusively in the European region using its servers in Germany. it promises to not move the data outside of the region they have selected as their “home”, even when backing up the data.

Nevertheless, no matter how much US companies insist that they comply with EU data protection law, for many potential European customers, the suspicion that US firms may covertly continue to participate in US eavesdropping schemes is difficult to shake off.

Of course, for businesses not involved in terrorism or illegal activities, the debate about data sovereignty can seem irrelevant. When choosing a supplier, most potential buyers of hosting services are more interested in asking questions about price, availability, SLAs, and so on.

Nevertheless, as 451Research argues, the customer concern about data jurisdiction is real, particularly in the SME market, where national pride and protectionism carry more weight than in multinationals. If asked to make a choice between otherwise comparable suppliers, many UK-based companies will prefer to “Buy British” hosting services as it benefits the national economy.

The backlash against US internet companies has created a market opportunity for non-US rivals to offer cloud services that don’t depend on US infrastructure to those worried about data sovereignty. Cloud2Me, for example, is a British-owned business that offers a range of cloud services using its own “private” cloud, which is entirely UK-based.

For more information on data sovereignty, contact Cloud2Me on 0845 8386 123 or info@cloud2me.co.uk .

Older
Newer
  • “When I was looking for a hosted desktop solution, I wanted something that was reliable, secure and affordable. I shopped around the market place and Cloud2Me came up highly on all accounts.”

    Peter Bradley – Director
    Integral Talent

  • “We would certainly recommend the services Cloud2Me supply. Much less hassle than building our own cabled network, and Cloud2Me are very quick and helpful when responding to any questions.”

    Tristan Haines - Director
    Zepho Enterprises

  • “I was amazed at how quick the hosted desktop works, faster than my laptop! I love that I can have a pure business desktop which I can access from my windows desktop, home MAC and iPad. Cloud2Me has been a perfect solution provider. ”

    Graham Forbes - Director
    Interesting Apps

  • “I would highly recommend services from Cloud2Me. They’re good value, but most of all the service is excellent. There’s always support available at the end of the phone and Cloud2Me always go that extra mile to help out.”

    Charles Cridland – Director
    Your Parking Space

  • “We were initially cautious and uncertain of the security of working like this – this is something we have swiftly put behind us, the system is completely secure and reliable. Based on our experience I would highly recommend this service to anyone considering an ‘office in the cloud’ with Cloud2Me.”

    Bryn Towns - Director
    RoqSolid

  • “The technical support provided by Cloud2Me is great. Furthermore, I find the service offered by them to be very flexible and tailored to meet our individual needs… The way we are able to access our server wherever we are has transformed the way we work.”

    Dwain Coward
    Coward & Co Solicitors - Senior Partner

  • “I have not had any hitches and any maintenance they carry out never disrupts the services. The customer service is fantastic, even when I email late on an evening I still get a quick response that night, or first thing the next morning. I highly recommend Cloud2Me and their services.”

    Jody Nicholl
    Boolas Bakery

Ready to embrace the Cloud? Request a no obligation, 14 day free trial today.