Amazon hints at new German datacenter, but probably not for the reasons you might think

Amazon hints at new German datacenter, but probably not for the reasons you might think

Summary: Amazon's big datacenter push into Germany may seem like a response to U.S. government surveillance. If privacy groups are right, it won't change what might already be happening. But it does signal a nod towards a burgeoning privacy-minded customer base.

(Image via CNET)

Amazon on Friday gave the biggest hint that it could expand further and deeper into Europe, as it expands its global cloud offering.

As per a report by The Wall Street Journal, senior vice president for Amazon Web Services, Andy Jassy, said the company is prioritizing where it locates its datacenters. Germany could be the latest country on deck to receive its own datacenter located "on their own soil."

You might be excused to think it's a response in the wake of the U.S. National Security Agency surveillance leaks scandal. 

It's about half-right. 

What's significantly more likely, as Jassy hinted, is that it's more to do with "data sovereignty requirements" — specifically knowing where your data is stored, and under which legal jurisdiction.

That's a major proponent of the new European data protection and privacy legislation that's currently going through the European Parliament, which sped up in the wake of the Edward Snowden leaks.

There's no doubt there's a push-pull effect going on here, but it's not the be-all and end-all by a long shot. 

Amazon currently serves 10 geographical regions — including both U.S. coasts, Dublin, Singapore, Tokyo, Sydney, and China — which allows customers to pick their region of choice, and therefore legal jurisdiction to a greater or lesser extent.

There is a slight problem with that, though.

There are two points worth noting. Let's not forget that the U.S. authorities can spy on EU cloud data, and under U.S. law, the U.S. government has that right — even if under international law it does not. When you're the world's foremost superpower, who cares — right?

And secondly, the Electronic Frontier Foundation says Amazon may not encrypt the fiber cables that connect its datacenters. That means any Amazon datacenter in Europe may very well be vulnerable to NSA's data vacuums, particularly MUSCULAR, which allows the U.S. and U.K. to tap into those private networks.

Counter-surveillance is likely not very high on Amazon's list. With it being a U.S.-headquarter company, and NSA programs notwithstanding, the U.S. Justice Dept. can always serve it a court order that requires it hands over data wherever it's stored in the world.

Despite this, there are good business reasons for Amazon to builds its European network around Germany. Because the country's privacy rules allows it to play hardball with the rest of the world.

Germany is a strong advocate of privacy — not least due to its not-so-recent history that spurred on a national distrust of nationwide and global surveillance machines — and as a result is one of the more privacy-conscious and aware nations in the world. It's also one of the very few countries that took the original European privacy laws, ratified in 1997, as a benchmark and bolstered them considerably. For instance, Germany doesn't recognize the EU-U.S. Safe Harbor requirements like other EU nations, forcing German companies using U.S. cloud providers must take further measures to remain compliant.

And that's where Amazon steps in. Because its cloud business, according to the Journal's citations, could be far stronger in the country. And if it expands to Germany, it not only serves the burgeoning German IT industry, but it can also take in surrounding nation state's business as their laws are somewhat weaker.

It makes sense for Amazon to set up shop in the strongest state for data protection and privacy, and serve the surrounding country's customer base with that high level of privacy awareness.

Amazon needs European business. Yes, to many, the idea of talking about Brussels-based bureaucrats and European trade and investment may be about as interesting as a conversation with said bureaucrats — with all due respect to them. But the reality is that's Europe has the capital, the spending, the desire to expand technologically, and frankly where the population and customer base is. 

And crucially, Germans being the more privacy conscious states in the G20, the country's businesses want an in-country solution to their cloud problems — particularly, but not exclusively, as a result of the U.S.' extraterritorial sticky fingers.

Topics: Storage, Amazon, Networking

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • Likely not

    "With it being a U.S.-headquarter company, and NSA programs notwithstanding, the U.S. Justice Dept. can always serve it a court order that requires it hands over data wherever it's stored in the world."

    Not quite true. Chances are that a lot of the subsidiaries are incorporated in other non-US jurisdictions. (And if they're not, there probably will be corporate restructuring in the near future.) That makes them separate "legal entities" not subject to U.S. jurisdiction. If privacy laws in other countries prohibit producing the data without a court order from a court WITH jurisdiction (e.g., an EU court), the locally-incorporated subsidiary would be prohibited from producing the data -- even if it can access the data.

    For instance, there is a very famous U.S. federal court case that held that VOLKSWAGEN DOES NOT DO BUSINESS IN THE U.S. *ALL* German-made Volkswagens are sold to Volkswagen of America. (I don't recall the exact company name and it has probably changed over the years.) Because the German and American companies are separate legal entities, a U.S. court has no jurisdiction over the German company.
    • Clarification

      I meant that all German-made VW's SOLD IN THE U.S.
  • Love watching all this.

    First, funny no one mentions in all this that other nations like Russia and China have been doing what everyone has their knickers in a knot over from the US and UK from the beginning. And funny how Mr. Snowden (who should have been able to see that too) has not revealed anything about the things they are doing - but that doesn't help him or his handlers. We already knew that.

    And these "privacy" concerns have NOTHING to do with privacy at all. The EU has been trying to claw back the IT industry through "antitrust" and the courts for years. And Brazil - no, while it sounds like the best thing for the Internet (kinda like the old Soviet-era "Russian Constitution") in reality a lot of this is for the same reasons - money. In this instance, Germany gains an Amazon data center. Whoopee. Where do they think the IT work and management will be done? Well it will be orchestrated out of the US, and probably done with workers tied in from India or elsewhere. The ones in Germany will be mostly hardware nannies at best. And the data? Remember, it was a contracted LAN flunky that started all this. But hey, it is money spent in Germany, so it looks good politically. And they can sell to their neighbors the German "privacy" policy. But unless they disconnect from the grid (even from the German government - because if they don't have an intelligence arm they are either really trusting or really stupid) then NOTHING changes as far as data protection goes. And if they get "caught", then that's even more money for the Germans. Win-win.

    Besides, the NSA is just sucking it in. Look at who is REALLY doing the data mining. "Big Data" was not coined about the NSA, MI6, KGB, whoever. Germans, how do you think your "Expecially for you" list will be populated? But again, they are spending money here. And if Brazil and others admit this is as much to help their homegrown IT industry, wanna bet that's the main motivation here?? And looks good too!
  • Or perhaps it is just network latency.

    No doubt these are all valid arguments.
    It is also possible that the AWS data centers, just like Microsoft's are filling up. Eventually they get to a point where they either need to build a bigger Data Center OR build a new one.
    A new one in a new country improves the network latency for those customers living new the new DC and helps with the Data Sovereignty discussions with Enterprises & Govt Orgs in that country.
    Germany is politically stable, has one of the strongest European economies, geographically central to Europe, with many big companies as potential customers. It makes good business sense to put a DC there.
    Not everything has to be about America.