Over the past few months since Edward Snowden began supplying secret NSA documents, there’s been a lot of debate and anger and outrage. But have the sweeping surveillance revelations had a real impact on how companies do business?
New research suggests, yes. Canada-based cloud hosting provider Peer 1 Hosting surveyed 300 UK and Canadian companies and found that 25% of those businesses are now moving their data outside the U.S. because of NSA security concerns. Meanwhile, a whopping 77% of decision-makers at these companies say they would sacrifice data performance and speed in favor of a more secure connection.
Peer 1 SVP Robert Miggins says this finding surprised him most. “You can find solutions that offer you both (security and speed). Even still, i was struck with how if you force someone to choose, they will pick security.”
Miggins was also surprised to find that 60% of decision-makers agree with the statement, “I do not know as much as I think I should about data security laws where my company’s data is stored.” This suggests, Miggins says, that the choice to move data outside the US may be borne more out of fear than out of having all the relevant information.
That said, even though his company does host data in the US, the fears over NSA snooping are not unwarranted. One of the biggest concerns is over a lack of clarity in some of the laws.
“If you’re doing business with a US-based hosting provider, even if the data is stored in the UK, one way of interpreting the law is that the US and the NSA are just as capable of accessing your information as if it was hosted in the US. It’s not clear.”
That’s one reason Peer 1 commissioned the study. It wants to encourage businesses to educate themselves on the details of laws like the Patriot Act so they can make better decisions around data stewardship.
The second reason is more direct: It wants to show US cloud companies that they stand to lose 25% or more of their international business thanks to the NSA revelations. That, Miggins says, will hopefully encourage businesses to use their influence to help affect policy surrounding surveillance and data security.
“This is business that stands to leave; it’s going to go somewhere else. And that will put pressure on those who have something to lose to try to get in front of this topic, to address it, and perhaps to support ideas like Internet privacy, and try to put some boundaries around what our government is capable of doing.”