US cloud providers could miss out on billions of Euros-worth of deals as a result of European concerns around US government surveillance programmes, the EU's digital chief has warned.
Revelations about the PRISM surveillance project, and other initiatives allowing the US government to access data held by American tech firms, could damage willingness by EU firms to host data with US cloud providers, said Neelie Kroes, the European Commissioner for Digital Agenda.
"If businesses or governments think they might be spied on, they will have less reason to trust the cloud, and it will be cloud providers who ultimately miss out," Kroes said at the meeting of the European Cloud Partnership Board in Tallin, Estonia.
"Why would you pay someone else to hold your commercial or other secrets, if you suspect or know they are being shared against your wishes? Front or back door – it doesn't matter – any smart person doesn't want the information shared at all. Customers will act rationally, and providers will miss out on a great opportunity.
"If European cloud customers cannot trust the United States government or their assurances, then maybe they won't trust US cloud providers either. That is my guess. And if I am right then there are multi-billion euro consequences for American companies."
Kroes warned US cloud providers could fall foul of future European regulation designed to limit EU firms' ability to use cloud providers that didn't meet "security guarantees".
European cloud service providers should take advantage of concerns about data security and "provide services with better privacy protection", she said.
"The cloud has a lot of potential. But potential doesn't count for much in an atmosphere of distrust. European cloud users and, American cloud providers and policy makers need to think carefully about that," she said.
In Kroes' speech questioning US cloud service providers data security, she didn't mention the impact large-scale surveillance projects run by EU member states would have on the data security of EU cloud service providers.
In recent weeks it has been reported that the UK's intelligence agency GCHQ is tapping undersea internet fibre links and French authorities are running a programme to collect and store metadata from internet traffic "for years".
On Thursday, the European Parliament adopted a joint, cross-party resolution to begin investigations into widespread surveillance of Europeans by the NSA.