Threats to the Future of Cloud Computing: Surveillance and Transatlantic Trade

The first instance of “cloud” computing came in 2006, when Amazon released its Elastic Compute Cloud, a service for consumers to lease space on virtual machines to run software. Now, the cloud enables the transfer and storage of data around the world, in an almost seamless fashion. Using cloud services are a seamless experience from the consumer perspective. This ease of use obscures significant regulation from governments on both sides of the Atlantic. The Safe Harbor Principles is a framework that ensures that personal consumer data being transferred from the EU to the US is still subject to a level of security in compliance with the EU’s stricter regulation on data protection. US companies must be certified within this framework, in order to transfer consumer data outside the EU.

A comprehensive data privacy arrangement that satisfies both sides of the Atlantic is necessary to preserve the free flow of data, and the resulting commerce, between the two regions. Speaking at the 2014 Cloud Computing Policy Conference, Cameron F. Kerry suggested that neither side of the Atlantic can afford to partition the Internet. Currently trade negotiators are assessing the viability including an update to Safe Harbor Principles as a part of the Transatlantic Trade and Investment Partnership (TTIP).

TTIP and the Future of Trade

The NSA revelations last year have only increased support for further regulation over the transfer of personal data in the cloud, especially in the European Union (EU). The revelations have also brought to light significant differences in the European and US conceptions of privacy. The ruling by the European Court of Justice on the “right to be forgotten” is a recent example of this transatlantic divide. In EU countries, citizens can now request Google to take down links from search results that lead users to potentially damaging information.

There are several disputes that negotiators must first resolve. Europeans would prefer that American regulators take a more active role in cases where US firms are violating the Safe Harbor principles. EU officials have also indicated they would like to include a mechanism to send an alert if data were improperly shared with US law enforcement officials. The expansion of the codes of conduct within the cloud would serve as a major step towards finalizing TTIP. A European Commission Analysis finds that TTIP would inject about $130 billion into the US economy. Ultimately both the EU and the US have so much to gain that both nations must find a way to resolve these thorny issues.

Kevin Risser contributed to this post.