American cloud computing companies are deeply worried by the potential effects of Edward Snowden’s June leaks, and it’s not because they’re embarrassed that the NSA found those pictures of your cat covered in Cheez-its. The revelation of federal data-mining program known as PRISM spells trouble for enterprises like Facebook, Google and Skype, which allow the NSA to siphon information directly from their servers. Ties to PRISM and US government surveillance endanger the international reputations of domestic cloud service providers. If they don’t act fast, such companies could lose valuable market share, face stricter data sharing policies when entering foreign nations and come up against tough global competition in the future.
European responses to the leaks have already reflected heightened distrust and a desire for more control over the transatlantic flow of data. “Since the PRISM revelations, the world is asking not what they can do with their data on American cloud services, but what America can do to their data,” wrote Caspar Bowden, former Chief Privacy Adviser for Microsoft Europe, in an article for The Independent. Bowden questioned the US government’s strategy for saving face after the scandal, which involved repeatedly reassuring Americans that PRISM does not intentionally monitor domestic targets. “Can it be right that there is one law for them and another for everyone else?”
(MORE: The Surveillance Society)
Opinions like Bowden’s may hurt American cloud sales abroad, but backlashes to PRISM have the potential to become deeply ingrained in US-European relations. In an interview with the German newspaper Kölner Stadt-Anzeiger published July 19, German Chancellor Angela Merkel announced that she wants the European Union to adopt her nation’s stringent privacy standards, which restrict Facebook and Google’s access to German data. Internet localization efforts are also spreading to other parts of the world. Greece, Vietnam and Brunei already require data generated within their borders to be stored exclusively on servers within the country, and Norway and Denmark do not allow the use of cloud computing services on foreign servers within their jurisdiction.
But consumer loss and policy changes will not be the only dangers to US cloud computing companies post-PRISM; a number of countries with large populations of cloud users have begun to develop technology that will compete with American services. The French government is running a “Sovereign Cloud Project”, German finance giant Deutsche Boerse recently launched a publicly traded stock market for cloud computing companies and China has constructed a 7,800 square meter complex called “Cloud Valley” in Beijing, which it hopes will incubate the next global roster of cloud services.
(MORE: A Glossary of Government Surveillance)
International consumers are the key to positive growth for American cloud computing companies. According to a study by Tata Consultancy services, the use of cloud applications as a percent of total corporate applications is significantly larger in Asia and Latin America than it is in the United States. Daniel Castro, a senior analyst at the Information Technology & Innovation Foundation (ITIF), worries that American services won’t be able to take advantage of that key demographic without re-establishing trust. “Not only are the few U.S. companies named on Edward Snowden’s leaked slides suffering reputational harm among consumers around the world because of their court-ordered compliance with government surveillance activities, but entire U.S. industries are facing increased threat of a global backlash from customers who may choose to flee to foreign competitors who are perceived rightly or wrongly, as keeping data safe from government monitoring,” he wrote in a blog post published by the Hill last week.
The day Castro’s piece was posted, data security and foreign trade experts met at the ITIF to discuss what the US government can do to save American cloud companies. Panelist and Ambassador Philip Verveer, the former U.S. Coordinator for International Communications and Information Policy, said that the feds need to clarify the scope and procedural safeguards of PRISM, as well as the “shared values” between the US and foreign markets. Jake Colvin, Vice President for Global Trade Issues at the National Foreign Trade Council, insisted that once foreign consumers understand the limits of PRISM and the surveillance efforts of their own governments, they will flock back to the American cloud. “Transparency is thus essential in cloud computing to ensure the market rewards good providers and penalizes bad ones,” wrote Castro in his post. “Taking these steps will help ensure that national security interests are balanced against economic interests…Failure to act will make it more likely that the next Twitter or Facebook will not be an American company.”
(MORE: TIME’s full coverage on privacy)