Blog Post

Proposed: German cloud fortress for security-conscious shops

Stay on Top of Enterprise Technology Trends

Get updates impacting your industry from our GigaOm Research Community
Join the Community!

It almost seems tit for tat. Last week, a Deutsche Telekom (s DTE) exec publicly pushed for a German cloud that would be safe from U.S. snooping. His revelation came just weeks after the U.S Department of Justice sandbagged the proposed sale of Deutsche Telekom’s T-Mobile USA unit to AT&T (s t).

Reinhard Clemens, CEO of Deutsche Telekom’s T-systems group, wants regulators to create a new certification to enable super-secure clouds to be built in Germany or elsewhere in Europe.  There’s much pent-up demand for such offerings among customers that don’t want to expose their data to U.S. government scrutiny, as the U.S. Patriot Act requires, he said.

As Clemens told Bloomberg News:

The Americans say that no matter what happens ‘I’ll release the data to the government if I’m forced to do so, from anywhere in the world’ … Certain German companies don’t want others to access their systems. That’s why we’re well-positioned if we can say we’re a European provider in a European legal sphere and no American can get to them.

That idea of local restrictions on data-handling based on privacy concerns is not new: Germany,  Argentina and Switzerland field the most-stringent privacy laws. (See Forrester Research’s CloudPrivacy Heatmap.)

But the momentum has been toward updating and modernizing laws so that the reality of where the data physically resides isn’t nearly as important as what is done with that data, said Dana Gardner, principal analyst with Interarbor Solutions. “This [DTE proposal] is going in the other direction.”

(More on enabling transnational data flows.)

Any movement to fracture the Internet around legal and/or geographic lines is a concern for cloud computing–the premise of which is to abstract out the notion of geographical location when it comes to IT.

“I don’t think it’s realistic to set up a bunch of sub-Internets based on geographical boundaries,” Gardner said.  “That starts to fracture the Internet around legal jurisdictions and that defeats the very purpose of cloud computing.”

Image courtesy of Flickr user mrpbps.

One Response to “Proposed: German cloud fortress for security-conscious shops”

  1. Questions of data sovereignty are not just a German or even European concern. I recently attended a conference of Government CIOs and other IT leaders in Canberra and it seems clear that jurisdictional access to certain kinds of data within political boundaries is likely to be the norm for the forseeable future. Furthermore highly personal medical and legal records, and data of national and strategic importance may never be stored in transnational clouds. Abstracting our the geographical location of data is a fine principal, but it is not a binary one. There are degrees to which data locality can be abstracted and national boundaries are in most cases sufficiently large to still provide the economies of scale required to make cloud computing effective.

    I suspect that if most of the US’cloud computing data was destined to reside in mainland China, or even just countries where no data-breach reporting legislation exists (such as Australia), would leave most Americans feeling pretty happy with the idea that the data they produce stays in within the jurisdictional boundaries that they can effectively influence.