Why Amazon, Google and Microsoft have little to fear from European privacy rules

110803_Googlespy(Editor’s note: In this guest Last Watchdog essay, Nicos Vekiarides, founder and CEO of TwinStrata, argues that threats to constrain U.S. cloud service providers may contain more bark than bite.)

By Nicos Vekiarides, Special for Last Watchdog

Surely by now, you may be tired of hearing about the Snowden effect. While the revelations over the past year swirling around the NSA are certainly concerning, the truth is the threat of unauthorized access to data has always been a specter – whether it be a government agency, big tech, hacktivists or cyber spies.

Realistically, while privacy regulations will periodically get scrutinized, and often strengthened, few if any true “anti-American” laws will go into effect—especially with the three most prevalent cloud providers operating in Europe today: Amazon, Google and Microsoft.



It’s easy for a government to say “keep your data local,” but multi-national organizations abound, and the solution isn’t quite so simple.

So what does this really mean for American cloud providers and multi-nationals? In the long-term, not much. European cloud providers will gain some traction locally as these admittedly smaller cloud service providers (CSPs) gain credibility. But multi-nationals have two options: stay with a single cloud provider for simplicity and buying power, or move toward a multi-cloud provider model. For companies worried about overseas snooping, the multi-cloud model allows them to select local cloud providers that adhere to stricter privacy guidelines based on geography or data type.

Beyond these options, organizations truly worried about unauthorized access need to huddle around the “zero trust” model they should’ve had in the first place. It’s not enough that data is secure if that security is controlled by a third party. Instead, security control needs to rest with the data owner who should control primary encryption and maintain ownership of the keys that are used to unlock the data stored in the cloud. By controlling these critical security elements separately from the data (rather than with it as in the case of CSP security), organizations provide a stronger layer of protection and data privacy.

Ultimately, while the Snowden effect has reinvigorated data privacy discussions, it hasn’t fundamentally changed the landscape. As a result, I anticipate American cloud providers will be nudged to adapt to certain international privacy restrictions. But as cloud computing and storage continue to rise in popularity, so too will the usage of American CSPs.

About the author: Nicos Vekiarides is the CEO and co-founder of cloud-integrated storage company, TwinStrata. Nicos has spent 20 years in the data storage field, both as a business manager and as an entrepreneur and founder in startup companies.

Share on FacebookShare on Google+Tweet about this on TwitterShare on LinkedInEmail this to someone