Will the NSA revelations create barriers to cloud adoption in the developing world?

BY Matthias Langenegger
July 18, 2013

What benefits can developing countries expect from cloud computing? And what policies are needed to fully seize its potential?

Several questions were discussed at a peer review of the upcoming cloud computing report by the United Nations Conference on Trade and Development (UNCTAD). It will be part of the Information Economy Report series – UNCTAD’s yearly flagship publication that analyses current trends and policy issues in the digital economy and their effect on trade and development.

As the only tech sector representatives present, CCIA shared the views of the industry with policymakers. This is one of the benefits of the association’s permanent Geneva presence: the opportunity to help inform the development of important reports.

Many in the business community have never heard of UNCTAD despite that it is to developing countries what the OECD is to the developed world: A trusted partner that supports its members’ economic strategies with research, policy analysis and data collection. Like OECD, it also serves as a  key venue for member states to discuss and coordinate regulation in a given area of economic activity – and many developing countries give far more weight to the work of UNCTAD since it was setup specifically to be the development-focused complement to OECD.

The subject couldn’t be more topical: In the wake of the recent spying revelations the use of cloud services have become a part of the global debate on privacy and data security on the Internet. Given the growing clout of developing countries and their importance for Internet services, the cloud computing report could have important ramifications for our sector.

There was a lively debate on the pros and cons of local hosting requirements. One thing is certain: The PRISM revelation have caused considerable, and mounting, concern among developing world diplomats and have empowered those in favour of such measures. We are told by UN agency staff that they are seeing a dramatic increase in countries, especially developing countries, contacting them for advice on how to protect data from Western surveillance.

In addition to the obvious, if ill-conceived, arguments in favour of local hosting requirements, namely its potential to drive technology transfers, local infrastructure investments and, ultimately, the rise of homegrown global Internet services, there is now a powerful, emotional narrative taking hold: Western cloud services simply cannot sufficiently protect the privacy of users – or won’t try, because they are in league with their governments’ national security systems.

In that context local hosting requirements play into the hands of policy-makers:

  • It works politically: Given widespread concerns about US influence in many parts of the world, local data storage requirements look like the Government is “doing something” about the perceived Western dominance of the Internet.
  • It works economically: For the reasons outlined above, local hosting requirements are often presented as promoting local ICT industry investment – and barriers to foreign services is seen as benefiting the national economy.
  • It works from a national security perspective: Finally, the policy appeals to those who see data as a strategic asset that should be under the authority of Governments.

This last point is critical: most trade agreements oblige parties to treat foreigners the same as nationals, but they also include national security exceptions. In principle, any such government intervention has to be narrowly construed and based on a demonstrable security concern. In reality, however, the inherent ambiguity of these exceptions make Internet services vulnerable to protectionist measures given the new climate.

There are many reasons why local data storage requirements are a bad thing. On a basic technical level, they undermine the Internet’s ability to provide the best performance for the greatest number of use cases at the lowest cost – a characteristic that cloud services are designed to leverage and which is fundamental to their value-proposition. The Internet is an inherently global technology: It is constructed around a set of open standards to manage data flows, irrespective of their origin or destination, based solely upon efficient delivery of information based upon the condition of the network at the time of delivery. This is a key reason why the network has proven to be remarkably resilient despite an explosion in global Internet traffic. Raising a new set of digital borders that obstruct or distort these global data flows would erode one of the basic foundations of the networked economy.

For developing countries cloud computing provides instant and very affordable access to a world-class technological infrastructure. The cost savings in hardware, software and personnel; the flexible access to processing and storage capacity; and the improved reliability and security of cloud services represent a paradigm shift from the locally-hosted, locally-processed era of computing. It fundamentally creates a level playing field by abstracting infrastructure cost from new service development.

However, the full potential of cloud computing can only be realised in an environment of cheap, reliable and high-performing Internet access. This is not the reality in many parts of the developing world, characterised by frequent power outages, and a generally poor Internet infrastructure. For this reason, the key policy objective of policymakers should be to encourage the development of the local Internet infrastructure through increased competition in the telecommunications sector, investments in broadband capacity, and the facilitation of access to the global network of Internet backbones by reducing domestic landing fees for undersea cables.

Unfortunately, the spying revelations have shifted the focus away from the very tangible benefits of cloud services (and the Internet as a whole). The current drive towards a more nationalized Internet will make it increasingly difficult to offer these type of services at a global level.

Given the current climate, the challenge is for technology companies and countries with a important cloud industry to take the necessary steps to restore trust and protect the privacy of cloud users. CCIA supports a predictable and transparent international legal environment that ensures data security, privacy and consumer protection through trade and other agreements  as well as free speech; the results of these processes should be outcome-focussed to ensure everyone knows who can do what when and where.

Given the borderless nature of the Internet building trust among consumers businesses and government agencies that the protections they enjoy domestically will also apply to the cloud will be a key element to the adoption of cloud services.

Related Articles

CCIA, Industry and Civil Society Groups Send Joint Letter To EU Policymakers On Preventing Terrorist Content Online

Sep 21, 2020

CCIA, industry and civil society groups today sent a letter to EU policy-makers on the proposal on preventing the dissemination of terrorist content online.  CCIA fully supports the objective of the EU institutions to counter terrorism and incitement to violence. The joint letter encouraged EU policymakers to define a clear scope and definition of terrorist…

European Commission Issues Temporary Rules to Allow Companies to Continue Removal of Online Child Sexual Abuse Material

Sep 10, 2020

Brussels, BELGIUM — The European Commission published a proposed Regulation today allowing online communications providers to continue to detect and remove child sexual abuse material (CSAM) from their services.  This proposal is designed to make up for an unintended consequence of the existing e-Privacy Directive, which will apply to online messaging services as of 21…

CCIA Responds to the European Commission Consultation on Article 17 of the Copyright Directive

Sep 10, 2020

Brussels, BELGIUM –The Computer & Communications Industry Association offered comments on the implementation of Article 17 of the Copyright Directive today. CCIA’s comments include elements such as the scope of services covered, how online content-sharing service providers have to provide their ‘best efforts’ to obtain rightsholders’ authorisation, and avoiding unauthorised content online.  After months of…