NSA Snooping Likely to Damage U.S. Cloud Services Industry: Studies
U.S. cloud and managed-service firms could face a drop in revenues by up to one-quarter due to backlash from other nations, according to two separate analyses.Fueled by protectionism and worries over U.S. surveillance, companies in other nations may spurn American cloud services and could shrink the U.S. industry's revenues by up to one-quarter, according to two worst-case analyses of the impact of recent revelations of rampant data collection by the National Security Agency. The analyses—conducted by the Information Technology and Innovation Foundation (ITIF) and Forrester Research—predicted that U.S. cloud companies could face slower demand by as much as $35 billion over three years if the backlash against the NSA materializes as predicted. Forrester's analysis expanded the number to $80 billion and added another $100 billion from U.S. managed-service providers that will likely face similar discrimination. "Where they have cared, companies have been avoiding using U.S. service providers. There may be some, who have said, how much risk is there? And those are the ones that will now be reconsidering U.S. providers," James Staten, a principal analyst with Forrester Research, told eWEEK. Already, the surveillance revelations have impacted a number of companies providing secure messaging services. Encrypted email service Lavabit, which reportedly counted NSA whistleblower Edward Snowden as a subscriber, shut down, leaving behind only a veiled explanation that suggests the U.S. government had requested access to Snowden's email.
Secure messaging firm Silent Circle shuttered a similar service, citing the possibility that they might be subpoenaed as well. Meanwhile, companies that provide encryption services for the cloud, such as CipherCloud, have seen interest skyrocket.
Yet for companies not prone to protectionism, the solution should be simple: Implement encryption to protect data no matter where it resides, said Forrester's Staten."You can use a U.S. provider and bring your own encryption and if you do that and the government gets access to your data, they only are getting access to your encrypted data," he said. In the end, Staten stresses that the estimates are worst-case scenarios. If more misconduct by U.S. intelligence agencies is revealed and European leaders and businesses politicize the issue, damages could extend to 25 percent. However, companies tend to make rational decisions, and, thus, far fewer will likely move their business offshore. For that reason, 3 to 5 percent is a more reasonable estimate, he said.