Global menu

Our global pages


TMT legal update: Cloud computing must resist the storm caused by the PRISM scandal

    • Other
    • Privacy, data protection and cybersecurity
    • Technology
    • Technology, Media and Telecoms - Technology



    Business should continue to adopt cloud computing despite the surveillance and security issues raised by the PRISM scandal, the European Commission has stated in a press release issued on 15 October 2013.  


    After the scandal caused when former CIA employee Edward Snowden revealed that the US National Security Agency (“NSA”) had been data mining emails, photos, video calls and social network details held by a range of US internet firms, the European Commission has moved to encourage uptake of cloud services despite fears as to their security. The EC stated: “trust in cloud computing is suffering, which risks depressing the rate of cloud uptake and Europe lagging behind in cloud computing adoption”.

    So What?

    In the wake of the PRISM scandal, there have been calls for national or regional-only cloud computing networks to prevent government surveillance on personal information as it travels across national borders. However, the EC has resisted these calls arguing that such models would prevent the economies of scale from being generated that will allow Europe to reduce costs and compete in the international market for cloud computing services. The EC has stated that a larger market will increase competition thus reducing the cost of cloud computing services for end users. This will be particularly advantageous for small firms who will benefit from increased access to cloud services, in turn raising productivity and profitability. 

    The EC has encouraged European firms to begin to be seen as the highly trustworthy for storing data and running applications, “Europe can pride itself on high standards for data protection and data security. This could be a competitive advantage for firms complying with these high standards. That is why Europe should aim to be the world’s most secure and trusted region for cloud computing.” Up to now Europe’s cloud computing industry has trailed behind the market leaders from the US however an opportunity may now exist for European companies to catch up.

    The EC also made the point that  “more transparency on government access to data…is needed” including a transparent framework on what constitutes legitimate government access to data and a code of conduct for cloud service providers. The imposition of such a framework may start to reassure the general public that their private data is more secure from unwanted government surveillance. 

    It will be interesting to see how the market reacts. EU companies will sensibly be capitalising on this. For US companies, it should, however, be business as usual. These are not new issues and the key is of course allowing the customer to see the advantages of using your cloud offerings, wherever they are located. That said, we are spending quite a lot of time advising clients where to best locate data centres and technology offerings to take account of the differing considerations including relevant statutes, including in the areas of data obligations, privacy regulations and tax.