First it was a money-haven, now Switzerland’s privacy laws and data protection regulations are turning it into...
a cloud-haven in the wake of US government surveillance revelations. That is the claim by Switzerland’s biggest offshore hosting company, Artmotion.
Recent leaks of the US National Security Agency’s (NSA) PRISM surveillance programme have sparked growing concern over data privacy, with implications for global corporations using US-controlled cloud services, such as AWS (Amazon Web Services) and Azure.
As a result, businesses are now turning to Switzerland for their data hosting needs.
Artmotion has witnessed a 45% growth in revenue amid this new demand for heightened privacy.
The “huge” growth in hosting demand is because privacy in Switzerland is enshrined in law. As the country is outside of the EU, it is not bound by pan-European agreements to share data with other member states, or with the US.
Before Prism, the US was at the forefront of the cloud computing industry and companies flocked to take advantage of the scalable benefits of hosting in a cloud, as well as the potential cost savings it offered.
“The scandal has unearthed significant risks to data for businesses, as well as for their customers,” said Mateo Meier, Artmotion’s director.
“With US cloud service providers subject to US laws, the government can request business information under the Foreign Intelligence Surveillance Act (FISA) without the company in question ever knowing its data has been accessed,” he added.
Companies including Microsoft, Google and Facebook have admitted that the NSA sought access to the systems of these top IT giants.
Following government’s revelations, questions have also been raised about the safety of employees using file sharing software like Dropbox and online office resources such as Office 365, which are hosted in the US and the EU, Meier further claimed.
The desire for data privacy has therefore seen a surge in large corporations turning to Switzerland to take advantage of its privacy culture. Enterprises can host data in Switzerland clouds without fear of it being accessed by foreign governments.
“Unlike the US or the rest of Europe, Switzerland offers many data security benefits. It is not a member of the EU and the only way to gain access to the data hosted in a Swiss datacentre is if the company receives an official court order proving guilt or liability."
“No doubt Switzerland has much tighter laws, but if you don’t encrypt data, it is always open. More importantly, you need to hold the keys to your encrypted data,” warned Amar Singh, CISO of News International and chair of the ISACA Security Advisory Group (SAG).
Unlike the US or the rest of Europe, Switzerland offers many data security benefits
Artmotion’s claims come as European commission (EC) vice-president Neelie Kroes warned that US cloud service providers could suffer loss of business in light of revelations about the government’s controversial data collection plans.
Data protection is becoming even more critical as organisations move to the cloud, and increase their awareness of how to best protect themselves from the affect of these types of surveillance and breach activities, said Dave Anderson, senior director at cloud security company Voltage Security.
“Enterprise and consumer customers care deeply about securing their sensitive information and protecting the data that helps govern their business, and effectively deliver and communicate their goods and services to employees, partners, and other stakeholders,” Anderson said.
"This focus is becoming even stronger as enterprises deepen their beliefs that security, privacy and compliance are not just a tactical, 'check the box' activity, but rather is a strategic process," he added.
But datacentre and hosting services expert Clive Longbottom says that turning to Switzerland’s cloud services may not be for every organisation.
“If I am an oil company, I'd be a tad more worried that information I have may be of interest to governments but if I am just a small business selling everyday goods, it doesn’t matter," he said.
“But if you are a company siphoning profit off to offshore countries, then you may have real worries, so [moving data to Switzerland] could make sense,” he added.
Longbottom also said that it is all down to the chief executive.
“If there is a perception that the EU may buckle to others' data laws, then by all means, they will look to go elsewhere.
“Calligo offers datacentre capabilities in the Channel Islands that are outside of the scope of the EU as well. It's down to the feelings of the CEO.”
“Regardless of where you are - you could be anywhere on the planet - if you don’t want anyone to look at your data and you don’t encrypt it you have no assurance it is safe from prying eyes," warned News International's Singh.