Recent revelations about US government snooping may have made privacy-conscious companies think again about whether they can trust American cloud companies such as Amazon, Dropbox, Google and Microsoft. This could provide an opportunity for companies outside the US to provide havens for sensitive commercial data. So, why not Switzerland?
Switzerland has long been regarded as a private place to stash money. It could become a private place to stash data.
That, at any rate, is the sales pitch being made by Mateo Meier, who runs Swiss data-hosting company Artmotion. The company claims "some of the world's biggest banks and tobacco companies" are clients, adding that its strict privacy policies prevent it from naming any names.
Meier says: "Unlike the US or the rest of Europe, Switzerland offers many data security benefits. For instance, as the country is not a member of the EU, the only way to gain access to the data hosted within a Swiss datacenter is if the company receives an official court order proving guilt or liability. This procedure applies to all countries requesting any information from a Swiss datacenter and unlike in the EU there is no special law for the US."
Although there's no visible evidence of companies deserting the likes of Google and Microsoft (though evidence would be welcome), Artmotion says it has "witnessed 45 percent growth in revenue amid this new demand for heightened privacy". Apparently, about a quarter of enquiries are now coming from UK companies.
On July 4, Neelie Kroes -- the EU vice-president who speaks on digital affairs -- warned that American cloud companies were likely to lose business because of a perceived lack of privacy. She said: "If European cloud customers cannot trust the United States government or their assurances, then maybe they won't trust US cloud providers either. That is my guess. And if I am right then there are multi-billion euro consequences for American companies."
Kroes presumably believes that a distrust of American cloud companies could benefit European ones. However, there aren't any European cloud companies that operate on anything like the same scale. Further, there's no evidence that data would be kept more private in the hands of European companies. The security services in the UK, France and Germany seem to take much the same approach as America's NSA.
Kroes' memo says: "In some cases, of course, it may be legitimate for authorities to access, to some degree, information held online; child protection and terrorism are good examples. Such access must be based on transparent rule of law, and is the exception to the rule." This is a very long way from being a ringing endorsement of privacy.
The furore sparked by Edward Snowden's revelations about US, UK and German government snooping are not going to do Swiss hosting companies like Artmotion any harm, even if they don't drive a lot of business off-shore.
But what they should certainly do is stimulate companies to make sure their private data is heavily encrypted, and prompt more of them to use encrypted email and messaging services.