The Quest to Build an NSA-Proof Cloud

European leaders want to go head to head with Amazon and Google. But some tech executives are pushing back against the plan.
More
     Pawel Kopczynski/Reuters 

BERLIN – If Germany’s special parliamentary session on U.S. surveillance this week was any indication, European politicians are still worked up about former NSA contractor Edward Snowden’s leaks. Chancellor Angela Merkel declared that the revelations had “tested” U.S.-German relations. Green Party politician Hans-Christian Strobele urged the German leader to thank Snowden and offer him asylum for discovering that her cell phone “was probably bugged.” Merkel even got called a “scaredy-cat” for not standing up to Washington.   

The criticism comes as politicians in the region—from Estonia to Germany—are calling for the European Union to create a cloud-computing infrastructure of its own to compete with American providers like Amazon, Google, and Verizon.

The idea is that if the EU has its own cloud—and what form it would take, who would build it, and where it would be based remain unclear—then member states could compel providers to abide by the EU’s (comparatively) stricter data-protection rules. It's part of a backlash against the long arm of the U.S. intelligence community that has echoes everywhere from Brazil to the United Nations.

One of the main proponents of a European cloud is EU Commission Vice President Viviane Reding, who was in Washington earlier this week to hammer out a treaty that would, if signed, assure that any EU citizens’ data stored in the United States be given the same privacy protections as U.S. citizens’ data (in the aftermath of the Snowden leaks, however, policymakers and privacy advocates in the U.S. are questioning the effectiveness of those protections).

Reding’s cloud formation plan essentially calls for EU nations to band together and create a European champion in cloud systems just as France, Germany, and Britain did in the 1960s, when they created aircraft manufacturer Airbus to compete with Boeing.

“For awhile now, I have been saying it’s time for the Europeans to build their own cloud,” Reding told a German radio station last week. “I think data protection needs to be thought of not as some extra cost, but something that makes us more competitive. When a company can guarantee that its customers’ data will remain secure, they will flock to you—it’s a golden business opportunity for European tech companies. It can become a sales argument.”

Indeed, part of the motivation here is a business one. European politicians want to see their companies exploit a gap in trust in U.S. companies as a result of the Snowden leaks. And two recent studies suggest that this is a sensible idea.

In one study of “industry practitioners and cloud-computing stakeholders” based outside the United States, the Cloud Security Alliance found that 56 percent of those polled would be less likely to work with U.S.-based cloud service providers due to data-protection fears. Another report by the Information Technology and Innovation Foundation suggested that the surveillance revelations could cost the U.S. cloud-computing industry $22 to $35 billion in lost revenues over the next three years.

European providers have already been positioning themselves to become the router and storage solution of choice for companies in Africa, which has seen its share of traffic passing through the U.S. drop dramatically over the last 10 years. In 1999, some 70 percent of African Internet traffic went to the United States, according to a 2012 report by Analysis Mason. By 2011, the study noted, less than 5 percent of that traffic went to the U.S., “having been replaced by bandwidth to Europe.” It is unclear, however, what percentage of this data actually migrated away from American companies, many of which have built data centers in Europe to be closer to customers in the EU and Africa.

Not all Europeans share the outrage voiced by their political leaders over U.S. surveillance. A survey commissioned earlier this month by the magazine Wirtschaftswoche, for instance, found that 76 percent of Germans were not bothered by Snowden’s leaks. “Most people didn’t think that anything in their lives would be of interest to the American intelligence service,” the survey’s authors wrote. While the study didn’t ask whether Germans were concerned about charges that U.S. intelligence tapped into their chancellor’s phone, it did reveal that Germans are uneasy about their own officials: only 17 percent of those polled trusted the German government’s handling of their personal data. 

Caught between public apathy and politicians’ anger, some German tech industry figures are calling for a middle path (others, like Deutsche Telekom’s CEO, have eagerly backed Reding’s cloud proposal). They like the data-protection treaty that Reding wants to sign with the U.S., but favor more stringent use of data encryption over rash plans to build EU clouds. The thinking is that stronger and more regular use of encryption could slow, to a degree, apparent U.S. attempts to comb through the world’s Internet traffic.

One German tech industry figure I spoke with felt it would be difficult, if not impossible, for Europeans to migrate completely away from U.S. services. He likened America’s hegemony on the Internet to the control Gulf States wield over oil resources. 

“What you have with oil in the Middle East, you have in the U.S. with information,” said Malte Pollmann of Utimaco Safeware AG. “The U.S. is in a unique position of geopolitical strength in the information age—and there’s no other country like this.”

Pollmann suggested that U.S. and British intelligence services are exploiting gray zones in treaties between nations—and that European diplomats should, first and foremost, push for clarity on this issue.

“What we need right now is a debate,” Pollmann told me. “Two years from now, we will have a better idea of which tactics are clearly illegal, and which are legal, but not what we wanted. There will have to be a rebalance in terms of legal oversight. That’s why you have people like [Google's] Eric Schmidt saying ‘I don’t know’ if it is legal for the U.S. and British intelligence agencies to tap into Google’s cables.”

The CEO of a leading German marketing consultancy described the mood among German executives like this: They’re bothered by the U.S. government’s intelligence-gathering overreach, but they don’t see the U.S. as Europe’s main threat the way some politicians might.

“It’s sad and stupid that Merkel’s phone was listened to,” said this CEO, who asked not to be named because he was critical of some of the countries in which he consults. “But I think most of the economic elites in Germany still see the U.S. as a strong ally. They don’t see economic espionage as the motive. Most economic elites here agree that the real danger and threat is in the emerging powers, like China.”

This CEO said his business stores most of its data on clouds in the United States, and that he wasn’t concerned about the situation because everything the company does is encrypted. 

“We are using fully encrypted hard disks,” he noted. “As for phone communication—it just hasn’t been a topic for us. Many times what we are saying on the phone really isn’t too sensitive. And, if it is sensitive—construction plans or stock market-related transactions—we just don’t talk about it on the phone.”

Pollmann also echoed this sentiment.

“In the end,” he noted, “It’s cheaper to fly someplace and have a conversation in a room than to build elaborate systems for super-secret conversations.”

Jump to comments
Presented by

Michael Scaturro is a reporter based in Berlin.

Get Today's Top Stories in Your Inbox (preview)

Adventures in Legal Weed

Colorado is now well into its first year as the first state to legalize recreational marijuana. How's it going? James Hamblin visits Aspen.


Elsewhere on the web

Join the Discussion

After you comment, click Post. If you’re not already logged in you will be asked to log in or register. blog comments powered by Disqus

Video

Adventures in Legal Weed

Colorado is now well into its first year as the first state to legalize recreational marijuana. How's it going? James Hamblin visits Aspen.

Video

What Makes a Story Great?

The storytellers behind House of CardsandThis American Life reflect on the creative process.

Video

Tracing Sriracha's Origin to Thailand

Ever wonder how the wildly popular hot sauce got its name? It all started in Si Racha.

Video

Where Confiscated Wildlife Ends Up

A government facility outside of Denver houses more than a million products of the illegal wildlife trade, from tigers and bears to bald eagles.

Video

Is Wine Healthy?

James Hamblin prepares to impress his date with knowledge about the health benefits of wine.

Video

The World's Largest Balloon Festival

Nine days, more than 700 balloons, and a whole lot of hot air

Writers

Up
Down

More in Global

Just In