Can The EU Create Its Own Cloud Platform? – Forbes

The EU is forming an alternative to US and Chinese cloud platforms called Gaia X. This effort will fail on so many fronts. It reminds me of Australias National Broadband Network (NBN) which still struggles for viability after spending an estimated $51 billion.

An idea for a new cloud platform

This CRN article reports: According to Germany's Federal Ministry for Economic Affairs and Energy, the Gaia-X cloud computing platform is expected to be ready to launch in early 2021. That would be a remarkable time frame although admittedly you can assemble a couple of racks of bare metal servers and run virtualized services on them in short order. But can you create the equivalent of AWS? Never.

Just look at the relative size of the major cloud providers. The combined market cap of the four largest cloud companies, Amazon, Microsoft, Google, and Alibaba is $4.8 trillion (1.569+1.578+1.001+.685). For comparison the GDP of the largest member of the EU, Germany, is $3.9 trillion. (I know, false equivalence, but I dont know how to calculate a market cap for a country.)

Admittedly, Airbus, a similar venture partnership between government and industry, has succeeded in creating and supporting an aerospace industry in Europe. It has not been a commercial success of course. One can make the argument that having a viable aerospace industry is critical to national security and therefore creating and operating a money losing business is still worth it. Can the same argument be made on the grounds of data privacy? I would argue no, especially when the real purpose is actually the opposite.

The era of digital mercantilismor, as the East West Institute calls it, Tech Nationalismwas ushered in after Edward Snowden revealed the extent of the NSAs digital tentacles as it reached into as many data sources as it could to collect everything. The blowback was predictable and is destined to harm the US dominance of the technology sector. Also revealed by Snowden was the vast partnerships between the NSA, the rest of the Five Eyes, and Sweden, Germany, and others. They too were beneficiaries of the NSAs systematic Hoovering of the worlds data.

The EU General Data Protection Act (GDPR) was crafted and enacted in the wake of Snowdens revelations. But note the carve out in GDPR for law enforcement data records and government agencies. Lets face it. Every intelligence agency wants to emulate the US and not be beholden to the NSA for favors in exchange for being able to tap into its data stores in Utah.

The three tech giants that own most of the cloud platform business in the US are rabidly competitive. Yes, we dont know the full extent of their relationship with the Intelligence Community. There is even a mechanism which, in the hands of an overly aggressive regime, could be abused: that of national security letters whereby the subject of a demand for data cannot even reveal the existence of the letter. But their business would be drastically harmed if they were discovered to be providing backdoors to the FBI or NSA and they resist such efforts with lobbying and teams of lawyers.

Organizations in the EU should be as leery of working with the US cloud providers as they would be with Chinese cloud providers. But there is an argument to be made against having a domestic cloud platform. Your own government, which has much more interest in your data than a foreign government does, could have unfettered access to your data. From a privacy perspective the people with the power to abuse your private data are your own government, not China.

The answer is not to trust any cloud provider. This is what the term zero-trust meant originally. You encrypt all of your data before it goes to the cloud and you protect the encryption keys with multiple layers of defense. Do the job right and you will know when a government agency wants your data. They will demand the keys or, if it is a foreign agency, they will attempt to steal your keys.

Visit link:
Can The EU Create Its Own Cloud Platform? - Forbes

Related Posts

Comments are closed.