Fears about Prism's long-term impact on cloud declared "overblown"

Forrester claims the fallout from the 2013 Prism surveillance scandal has had a minimal effect on the cloud industry

Concerns about how the fallout from the Prism surveillance scandal would blight the business prospects of US cloud providers were overblown, according to Forrester Research.

When Edward Snowden’s revelations about the surveillance activities of the US National Security Agency’s Prism programme first emerged in June 2013, much was made about how the news would affect user trust in the cloud industry.

Former European commissioner for digital affairs Neelie Kroes was one of the first to air concerns about this issue in July 2013, warning cloud providers that news of the programme could result in them losing business.

Details continually leaked throughout the summer about how the US intelligence agency used the programme to snoop on the audio and video chats, photographs, emails, documents and connection logs of internet users.

“If businesses or governments think they might be spied on, they will have less reason to trust cloud and it will be cloud providers who ultimately lose out,” said Kroes at the time.

“Why would you pay someone else to hold your commercial or other secrets if you suspect or know that are being shared against your wishes?”

Assessing the damage

Now, nearly two years after Snowden’s leaks first started, Forrester claims the Prism revelations have had a minimal impact on the cloud market, as its research shows fewer than expected non-US firms withdrew data from US cloud providers because of it.

Read more about Prism

“Prism’s impact is still felt in the market for internet services, although the size of the storm and its resultant impact is smaller than was originally thought,” said Forrester analyst Edward Ferrara in a blog post.

"It seems the international business was a lot more insulated from US spying compared to what was originally thought.

“In this first survey of international customers, the data suggests such concerns about Prism were overblown.”

The 2014 Business Technographics Global Infrastructure Survey was compiled from the responses of 3,190 business and technology decision-makers in Australia, Brazil, Canada, France, Germany, India, New Zealand, the UK and the US.

It revealed that 26% of respondents had stopped dealing, or reduced their spending, with US firms offering internet services because of security concerns in the wake of Prism.

This, Forrester claims, needn’t be viewed as catastrophic for service providers, as users weren’t sharing a great deal of data with them in the first place.

Cloud complacency

Even so, the organisation said US cloud providers cannot afford to be complacent, as its findings suggest users have tweaked their dealings with them in other ways since news of Prism first broke.

An example of this is users taking greater control over how they manage security with the use of encryption tools, rather than rely solely on providers to keep their data locked down.

“While nearly three-quarters of international firms are not walking away from their US-based partners, over a quarter are, and the biggest driver for this change is the US surveillance programme. US policy-makers should not ignore this fact,” the report stated.

“Survey respondents are also moving their most-sensitive data: company confidential information including client confidential data, financial records, company intellectual property, and personally identifiable information.

“Moving this type of information to locations where country laws prohibits the disclosure of this information is an obvious and necessary reaction. Not doing so puts companies in a potential double bind between their customers and local laws.”

Read more on Internet infrastructure