Defense giant ditches Microsoft's cloud citing Patriot Act fears

Defense giant ditches Microsoft's cloud citing Patriot Act fears

Summary: BAE Systems has pulled the plug on a proposed outsourcing mission to Microsoft's Office 365 cloud solution, after data sovereignty could not be guaranteed.

SHARE:
TOPICS: Microsoft
87

London-based defence contractor BAE has reportedly bailed on plans to adopt Microsoft's Office 365 cloud-based service, citing fears that critical defence secrets could land in U.S. hands.

Speaking during a panel debate at the Business Cloud Summit 2011 in London this week, one of the company's executive said that it could not guarantee that the company's data would not leave Europe.

(Source: Wikimedia Commons)

Charles Newhouse, BAE's head of strategy and design, highlighted the controversial U.S. Patriot Act as one of the reasons why the defence giant could not move to a public cloud-based offering.

At Microsoft's Office 365 launch in London in June, Microsoft UK's managing director Gordon Frazer admitted to ZDNet that "no company", including the software giant, could guarantee that cloud-stored data will not leave Europe under any circumstances; including under a Patriot Act request.

This comes amid changes to the European Data Protection Directive, which will enact changes to prevent the U.S. from exploiting the flaws in the current law.

As Computer Weekly highlighted, large industries have strict policies on data protection, along with where the data is stored. Particularly for a major global arms giant such as BAE, a company that sells weaponry and defence solutions with a variety of governments around the world, putting even innocuous data in the cloud can reveal business and industry secrets.

Talking about data security and the location of that data, Newhouse said:

"A number of high profile outages that users have suffered recently demonstrated just how little control you actually have. When it all goes horribly wrong, you just sit there and hope it is going to get better.

I was on a study tour recently, and 85 percent of European companies out on that, now cite international regulations being their major issue. Everyone was 'on about' the U.S. Patriot Act, saying that the geo-location of that data and who has access to that data is the number one killer for adopting to the public cloud at the moment.

We had these wonderful conversations with Microsoft where we were going to adopt Office 365 for some of our 'unrestricted' stuff, and it was all going to be brilliant. I went back and spoke to the lawyers and said, "It's Ireland" [the datacenter], and should that fail, then it will go to Holland. And the lawyers asked what happened if they lose Holland?"

The European Commission expects to reveal the next version of its data laws next month.

Meanwhile, Sophie in ‘t Veld, Dutch MEP and vice-chair of the European Parliament’s Civil Liberties, Justice and Home Affairs committee, warns that European businesses cannot wait years for the draft bill to be ratified and enacted in the 27 member states of the European Union.

in 't Veld said that emergency legislation will be proposed as efforts to patch the flaw in the current directive, to protect European data from unauthorised U.S. inspections.

Related:

Topic: Microsoft

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

87 comments
Log in or register to join the discussion
  • RE: Defense giant ditches Microsoft's cloud citing Patriot Act fears

    BAE making sense? :-O that's a first!
    wright_is
    • RE: Defense giant ditches Microsoft's cloud citing Patriot Act fears

      @wright_is

      Given that BAE is a major contractor for the US Government, performing TONS of defense work, I don't understand why they'd be looking at a cloud storage solution in the first place. Much of the work they do is classified and should NEVER be stored in the cloud.
      PollyProteus
      • RE: Defense giant ditches Microsoft's cloud citing Patriot Act fears

        @PollyProteus i find it hard to believe they care when it is the defense contractors and the banks who own everything and own the US government and write this legislation throught their think tanks and round table groups, there all one in the same, bae and microsoft ,both war profiteers ,1 from the civilian industrial complex, one from the military industrial complex, both owned by mega banks who are writing the legislation and who have the same globalist agenda,and the move to cloud computing will be a nightmare for freedom,free speech, and the consumer, lets resist this now, they dont even want it for themselves but its fine when they are planning on shoving it down our throat ,or soon will be ever more agressivly, till they have total control over all content and end all "fair use" and free speech and own all your data,and charge you tier based fees for everything, every single time you play an mp3, or watch a video, or use an app or play a game you will be charged,no more unlimited licences ,this will all end in tears for us all, mark my words,resist the cloud
        boston2376
      • @PollyProteus .. Exactly right

        What's amazing is some would sensationalize this to make it sound like MS is to blame for the outcome. BAE took the stupid path to begin with and (fortunately) ended by stopping short of signing their own death warrants.<br><br>BAE's case, is of bad managment *even* contemplating 'floating' highly confidential, industrially sensitive data at Cloud-level. That just speaks of pathetic mismanagement and poor oversight on the part of BAE.<br><br>This is the whole problem when you have paper pushing upstarts in control of big corporations and enterprise: they've replaced due diligence and feasibility studies with latte and martini sessions for deciding the fate of their company's all important trade secrets (and related, critical data).<br><br>In all honesty, BAE would do well to be looking for a new CEO & probably CIO, as the current monkeys obviously show no clue in having 'seriously contemplated' putting BAE's future on the line by considering outsourcing material / sensitive communications that never, ever should have been considered for the Cloud to begin with.<br><br>How they are trying to pin this on MS is laughable. As Gordon Frazer correctly stated, no U.S. company providing Cloud-based hosting solutions - including MS, could possibly guarantee that cloud-stored data will be 100% fixed within a certain, single jurisdiction. Go ahead Zack, ask any Cloud provider if they'll write a cloud hosting contract guaranteeing as much ... good luck with that. <br><br>This case is just the tip of the iceberg; there's alot that Cloud providers are reticent about discussing with potential Clients - and this demonstrates the Cloud is far from the perfect panacea it's junky proponents make it out to be.
        thx-1138_
      • RE: Defense giant ditches Microsoft's cloud citing Patriot Act fears

        @boston2376 That's the best example I've heard so far against the cloud. When I tell people that I'm against it, they look at me like I have a tin foil hat on.

        Microsoft can't secure a desktop OS. What makes people think their cloud will be any different.
        lord_beavis
      • RE: Defense giant ditches Microsoft's cloud citing Patriot Act fears

        @PollyProteus

        I agree. Any entity that stores Secret data in the cloud is . . . stupid.

        But what I also found really silly was the comment "85 percent of European companies out on that, now cite international regulations being their major issue. Everyone was 'on about' the U.S. Patriot Act". The Patriot act allows US Law Enforcement to gain access to data that is in the US. The Patriot act does not govern how the CIA, or the NSA, gains access to data from around the world.

        If some company in Belgium (or France or Span or etc. . . ) is worried that the Patriot act will allow the US Government to gain access to data concerning brassier sales (or bread sales, or etc. . .) then they have muddled thinking. The US Justice department or the FBI does not care much about those things and even if they gain access to the data, what horrific things will they do with it?

        The CIA on the other hand may be interested in such things if the CIA thinks that those companies are laundering money for terrorists but the CIA is not bound by the Patriot act because the CIA does not work domestic in the US (by law they are not allowed to work domestic. Domestic is FBI). The CIA works covertly overseas. Those outside of the US who are concerned about the Patriot act should look up the definition of the word ???covertly???. If that word offends those in the rest of the world, those who are offended should remember that many governments have covert ops, not just the US.
        John238
    • No private, business sensitive data in a public cloud

      Big companies will not make that move. It's not just BAE. Lots of companies have similar concerns.
      LBiege
      • RE: Defense giant ditches Microsoft's cloud citing Patriot Act fears

        YOu people must have missed this part.

        "We had these wonderful conversations with Microsoft where we were going to adopt Office 365 for some of our ???unrestricted??? stuff"
        piiman
    • RE: Defense giant ditches Microsoft's cloud citing Patriot Act fears

      @wright_is "...citing fears that critical defence secrets could land in U.S. hands."...Which really means defense secrets would land in Israel's hands
      robertsgt40
  • RE: Defense giant ditches Microsoft's cloud citing Patriot Act fears

    This is the last defence of IT dinosaurs - vendors and customers alike - who try to find restrictive, bureaucratic, anti-business, anti-wealth creation, anti-innovation laws and decrees to hide behind - and cling on to the data centre and non-value-adding jobs. Of course, government and defence will be the last bastion of 'stakes in perpetuity' as Nicholas G Carr called it. David Cameron needs to crush this EU law - and remove one more foundation of the brain-dead, business-as-usual IT industry.
    XceliantBear
    • RE: Defense giant ditches Microsoft's cloud citing Patriot Act fears

      @XceliantBear David Cameron needs to crush the unconstitutional and unpatriotic Patriot Act.

      It is irrelevant what the EU law is. I am not going to host my data on a service which will a) hand it over to a third party without a court order and b) not telling me, that hey have handed over the data!
      wright_is
      • RE: Defense giant ditches Microsoft's cloud citing Patriot Act fears

        @wright_is Cameron can do very little. All the UK government can do is ratify the EU changes when they are eventually signed into law.
        zwhittaker
    • RE: Defense giant ditches Microsoft's cloud citing Patriot Act fears

      @XceliantBear
      So EU law and Europeran companies need to comply to US Patriot Act?
      No wonder the rest of the world doesn't like Americans.
      Samic
      • The European companies aren't the ones required to comply

        @Samic
        With all due respect, you have it backwards. It's the US company, Microsoft, who has to comply. The travesty known as the Patriot Act, foisted upon us by the U.S. Congress requires that Microsoft (or any U.S. company) provide data in their possession under certain (not well understood by me) circumstances. Whether that data originated outside of the U.S. is irrelevant to the Feds.

        The only thing that could be done is a treaty with the U.S. guaranteeing data privacy (which will never happen) or trade restrictions in Europe which will prevent corporations from doing business there if they can't protect the data. This will effectively block all cloud service providers in the U.S. from doing business in the EU.

        Yeah, that's my Congress. Enacting overarching laws out of fear with no regard to the consequences for U.S. commerce and no understanding of technology all for the 10 second sound bite to say "I support Patriotism and National Security!" Meanwhile of course, any of us who actually use our brains know that the laws in question do nothing to promote either Patriotism or National Security. My fellow American voters don't like to think that hard, though. (sigh)

        Sorry, getting down off the soapbox now. But the end is the same, it's Microsoft's potential complicity (errr ... "legal compliance") with the Patriot Act that causes the issue, not anything on the EU side of the equation.
        use_what_works_4_U
      • RE: Defense giant ditches Microsoft's cloud citing Patriot Act fears

        @Samic <br><br>It is my personal belief that it is that way with many countries. Just the Patriot Act is in the open and gets really noticed due to the (relatively) open nature of the US Govt that it is more out in the open versus being closed off. Better or worse? No clue, but I'm not a Patriot Act fan myself...<br><br>Something kinda similar - the EU passed ROHS and the standardized micro-usb charger. Both bits of legislation then took effect the US by default without any US laws being passed. Quebec passed laws on French being on all packaging, which leads to packaging in Texas being in English and French, instead of English and Spanish of which there are much more Spanish speaking people in the US (and Texas in particular) than French but we get French packaging anyway... I find those mostly non-harmful ones amusing personally.<br><br>The whole planet is connected at this point, so laws in one country always have consequences internationally. <img border="0" src="http://www.cnet.com/i/mb/emoticons/happy.gif" alt="happy">
        admiraljkb
      • So this is why the rest of the world doesn't like American's?????

        @Samic

        Really? While I have problems with the PA, I don't care one whit if the rest of the world LIKES Americans.

        Once we start down the path of crafting laws and treaties so that we are more popular then we have lost our sovereignty. In effect it becomes a slow but steady erosion. Evenutally globalism, todays newest religion, will dominate the world.

        At the point where the world's population is controlled by the interest of a few in power what are we left with?

        Do you really think this is a stretch?
        Raid6
      • RE: Defense giant ditches Microsoft's cloud citing Patriot Act fears

        @macadam gimmie a break willl ya this is probably all theater anyways, your congress did not write the patriot act ,microsoft, bae,other military industrial complex defense contractors and mega banks wrote that legislation , and before 9-11 too, the congress in the US dont even get to read the bills let alone write them , all they do is sign them,they are written by who i just named as well as american an anglo british oligarchs like rothschilds,rockerfellers etc, through there, think tanks, ngo's, non profits, round table groups etc.. theses are all the same people with the same sick agenda of war profiteering etc, that are supposedly fighting over this, and "patriot act" is just more NLP-neuro linguistic programming and propaganda brainwashing, that is transparent as crystal, we know there is nothing in there a patriot would agree with,its a neo nazi fascist piece of legislation ,and cloud computing will turn out be a nightmare for all of us end users and consumers,everyone need to stand up say no to cloud computing ,its a huge lie being perpetrated on us for more spying and more control over you and your data and a way to bill and tax you and all content and everything else, NIGHTMARE ,we will all regret it if this goes ahead to the level it is planned to i fear
        boston2376
      • RE: Defense giant ditches Microsoft's cloud citing Patriot Act fears

        @macadam

        Notice what XceliantBear was saying. He said "David Cameron needs to crush this EU law - and remove one more foundation of the brain-dead, business-as-usual IT industry."

        So no, I didn't say US company like microsoft doesn't need to comply. I'm say EU doesn't need to comply to a law that was drafted by US and applied to US. If that policy doesn't compatible with EU and cause US company loss a sale, it's not EU fault. We're basically on the same side.
        Samic
    • RE: Defense giant ditches Microsoft's cloud citing Patriot Act fears

      @XceliantBear
      You don't make any sense. You have several over-utilized keywords thrown together, but no coherent message.
      kirovs
    • As one of "The Observers"

      @XceliantBear ... of course you'd say that; wanting unbridled access to all data, everywhere.

      Will you go on and trap yourself in amber already?
      thx-1138_