Will the NSA revelations create barriers to cloud adoption in the developing world?

BY Matthias Langenegger
July 18, 2013

What benefits can developing countries expect from cloud computing? And what policies are needed to fully seize its potential?

Several questions were discussed at a peer review of the upcoming cloud computing report by the United Nations Conference on Trade and Development (UNCTAD). It will be part of the Information Economy Report series – UNCTAD’s yearly flagship publication that analyses current trends and policy issues in the digital economy and their effect on trade and development.

As the only tech sector representatives present, CCIA shared the views of the industry with policymakers. This is one of the benefits of the association’s permanent Geneva presence: the opportunity to help inform the development of important reports.

Many in the business community have never heard of UNCTAD despite that it is to developing countries what the OECD is to the developed world: A trusted partner that supports its members’ economic strategies with research, policy analysis and data collection. Like OECD, it also serves as a  key venue for member states to discuss and coordinate regulation in a given area of economic activity – and many developing countries give far more weight to the work of UNCTAD since it was setup specifically to be the development-focused complement to OECD.

The subject couldn’t be more topical: In the wake of the recent spying revelations the use of cloud services have become a part of the global debate on privacy and data security on the Internet. Given the growing clout of developing countries and their importance for Internet services, the cloud computing report could have important ramifications for our sector.

There was a lively debate on the pros and cons of local hosting requirements. One thing is certain: The PRISM revelation have caused considerable, and mounting, concern among developing world diplomats and have empowered those in favour of such measures. We are told by UN agency staff that they are seeing a dramatic increase in countries, especially developing countries, contacting them for advice on how to protect data from Western surveillance.

In addition to the obvious, if ill-conceived, arguments in favour of local hosting requirements, namely its potential to drive technology transfers, local infrastructure investments and, ultimately, the rise of homegrown global Internet services, there is now a powerful, emotional narrative taking hold: Western cloud services simply cannot sufficiently protect the privacy of users – or won’t try, because they are in league with their governments’ national security systems.

In that context local hosting requirements play into the hands of policy-makers:

  • It works politically: Given widespread concerns about US influence in many parts of the world, local data storage requirements look like the Government is “doing something” about the perceived Western dominance of the Internet.
  • It works economically: For the reasons outlined above, local hosting requirements are often presented as promoting local ICT industry investment – and barriers to foreign services is seen as benefiting the national economy.
  • It works from a national security perspective: Finally, the policy appeals to those who see data as a strategic asset that should be under the authority of Governments.

This last point is critical: most trade agreements oblige parties to treat foreigners the same as nationals, but they also include national security exceptions. In principle, any such government intervention has to be narrowly construed and based on a demonstrable security concern. In reality, however, the inherent ambiguity of these exceptions make Internet services vulnerable to protectionist measures given the new climate.

There are many reasons why local data storage requirements are a bad thing. On a basic technical level, they undermine the Internet’s ability to provide the best performance for the greatest number of use cases at the lowest cost – a characteristic that cloud services are designed to leverage and which is fundamental to their value-proposition. The Internet is an inherently global technology: It is constructed around a set of open standards to manage data flows, irrespective of their origin or destination, based solely upon efficient delivery of information based upon the condition of the network at the time of delivery. This is a key reason why the network has proven to be remarkably resilient despite an explosion in global Internet traffic. Raising a new set of digital borders that obstruct or distort these global data flows would erode one of the basic foundations of the networked economy.

For developing countries cloud computing provides instant and very affordable access to a world-class technological infrastructure. The cost savings in hardware, software and personnel; the flexible access to processing and storage capacity; and the improved reliability and security of cloud services represent a paradigm shift from the locally-hosted, locally-processed era of computing. It fundamentally creates a level playing field by abstracting infrastructure cost from new service development.

However, the full potential of cloud computing can only be realised in an environment of cheap, reliable and high-performing Internet access. This is not the reality in many parts of the developing world, characterised by frequent power outages, and a generally poor Internet infrastructure. For this reason, the key policy objective of policymakers should be to encourage the development of the local Internet infrastructure through increased competition in the telecommunications sector, investments in broadband capacity, and the facilitation of access to the global network of Internet backbones by reducing domestic landing fees for undersea cables.

Unfortunately, the spying revelations have shifted the focus away from the very tangible benefits of cloud services (and the Internet as a whole). The current drive towards a more nationalized Internet will make it increasingly difficult to offer these type of services at a global level.

Given the current climate, the challenge is for technology companies and countries with a important cloud industry to take the necessary steps to restore trust and protect the privacy of cloud users. CCIA supports a predictable and transparent international legal environment that ensures data security, privacy and consumer protection through trade and other agreements  as well as free speech; the results of these processes should be outcome-focussed to ensure everyone knows who can do what when and where.

Given the borderless nature of the Internet building trust among consumers businesses and government agencies that the protections they enjoy domestically will also apply to the cloud will be a key element to the adoption of cloud services.

Related Articles

EU Top Court Strikes Down Privacy Shield, CCIA Calls for Urgent Legal Certainty and Solutions

Jul 16, 2020

Brussels, BELGIUM — The European Court of Justice (CJEU) issued a landmark ruling today that invalidates Privacy Shield, a key legal mechanism which thousands of companies use to transfer commercial data from the EU to the United States. The CJEU ruled that the Privacy Shield decision does not comply with EU law. Among other things,…

CCIA Provides Input to the EU’s Future Proposals on the Digital Services Act and Competition Tools

Jun 30, 2020

Brussels, BELGIUM — The Computer & Communications Industry Association welcomes the opportunity to respond to the European Commission’s calls for feedback on its future Digital Services Act (internal market rules and ex-ante measures) and proposal for new competition tools. The European Commission is expected to present legislative proposals before the end of the year. CCIA…

CCIA Expresses Concern Over New Senate Bill To Weaken Encryption

Jun 24, 2020

Washington — A bill to give law enforcement more access to personal data with fewer legal protections for citizens has been introduced in the Senate Tuesday. Senators Lindsey Graham, R-SC, and Tom Cotton, R-Ark., and Marsha Blackburn, R-Tenn., have announced the  “Lawful Access to Encrypted Data Act.” The bill would compel device manufacturers and providers…