Blog Post

PRISM fallout could cost cloud companies up to $180B

Stay on Top of Enterprise Technology Trends

Get updates impacting your industry from our GigaOm Research Community
Join the Community!

Cloud vendors worldwide could, if things play out badly, lose up to $180 billion in business over the next three years due to concerns over government data scooping, according to new projections from Forrester Research(S forr) Analyst James Staten. His numbers far outstrip an earlier projection of up to $35 billion in lost business over three years from the Information Technology & Innovation Foundation (ITIF), a think tank.

Both Forrester and ITIF assume that companies abroad will balk at using U.S. cloud providers over fears that those vendors will have to turn customer data over to the National Security Agency, as the PRISM disclosures have shown. But Staten said that concern is too narrow — that U.S. companies may have similar qualms and might bypass domestic vendors for their own overseas workloads. And cloud vendors worldwide will be dinged by concerns over data privacy.

Indeed, the impact of PRISM on cloud adoption will be discussed by Joyent CTO Jason Hoffman,  Simon Wardley, researcher for CSC’s Leading Edge Forum and others at Structure:Europe next month in London.

And, since data-snooping-and-scooping is not necessarily limited to the American government, non-U.S. cloud providers could also lose as much as 20 percent of their “available overseas and domestic opportunities” due to other governments taking PRISM-like actions, according to Staten. He wrote:

“You don’t have to be a French company …  to be worried about the U.S. government snooping in the data about your French clients. That’s a worry any company, regardless of country of origin, should be concerned about. Yes, if you are a U.S. corporation you are subject to the U.S. Patriot Act, but in this case the U.S. government would have to subpoena you directly rather than going behind your back to your U.S.-based service provider.  European Union rules require data about EU citizens be stored and retained in the EU. U.S. corporations are subject to this rule just as EU companies, so seeking an EU-based cloud provider or non-cloud IT provider would be a prudent tactic for a U.S. business as well.”

Staten cautioned that the $180 billion take-down is the worst-possible scenario and would happen only “if you believe the assumption that government spying is more a concern than the business benefits of going cloud.”

Apple(s aapl), Google(s goog), AT&T(s t), and Microsoft(s msft) execs met last week with President Barack Obama over what is reportedly their concern that U.S. government actions is hurting their companies abroad.  It looks like cloud companies in Europe and elsewhere may be pushing similar confabs in their countries.

5 Responses to “PRISM fallout could cost cloud companies up to $180B”

  1. GH Crosby

    I don’t understand this. The ITIF report says “the reality is that most developed countries have mutual legal assistance treaties (MLATs) which allow them to access data from third parties whether or not the data is stored domestically.”

    This tells me that no data is secure nowhere no how. So why would US cloud providers suffer such losses? It doesn’t make sense unless the assumption is they don’t know how to fight back with the facts.

    I think the real threat to cloud providers across the globe is coming from the rise of private cloud providers like Cloudlocker (, at least on the consumer side. I think it’s new products like this plug n play device that pose the biggest threat to the old-line public cloud services, which have always suffered from fatal flaws in privacy and security. The private, personal clouds like the Cloudlocker eliminate these flaws, and that’s why I see them taking over this space, soon to be followed by enterprise-level versions of private clouds, once good ol Yankee ingenuity kicks in.