PRISM causes one in ten to cancel US cloud contracts
According to survey results released Wednesday by the Cloud Security Alliance, 56 per cent of non-US residents are less likely to use US-based cloud service providers in light of the recent PRISM programme revelations, with one in ten cancelling a project using a US-based cloud provider as a result.
The survey was conducted online between June 25 and July 9 2013, when levels of reporting on the PRISM intelligence gathering programme were peaking, and received over 600 responses.
Non-US survey candidates were asked whether emerging details of the PRISM programme would make their company more or less likely to use US-based cloud providers.
A total of 56 per cent of respondents said they were less likely to use US-based cloud providers, while 31 per cent suggested it would not change their approach to cloud service provision, and three per cent said it would actually make their use of US-based cloud providers more likely.
Notably, ten per cent of respondents said that they have cancelled at least one project that would use US-based cloud providers as a result of the PRISM scandal.
This is interesting because apart from security solutions vendors and Neelie Kroes, head of the European Commission’s Digital Europe agenda who earlier this month made statements echoed by the survey’s findings, few seem to believe that the PRISM scandal will actually cause enterprises to abandon plans to tap US-based cloud service providers. But the survey clearly suggests that widespread US intelligence gathering is starting to have an impact on international appetite for US-based cloud services.
Commenting on the results CSA executive director and co-founder Jim Reavis said the survey highlights the need to increase transparency among cloud providers, and that this is “more critical than ever” today.
Over the past few weeks a growing chorus of US-based cloud providers have protested the fact that they cannot offer much detail on the numerous data requests they receive from the US federal government under FISA (Foreign Intelligence Surveillance Act) or the Patriot Act, and according to the CSA over 90 per cent of respondents agree that cloud providers should be able to publish summary information on these kind of information requests.
In the US lawmakers are currently in the process of debating amendments to a new defense bill that would effectively end blanket data collection of the PRISM employs, a move being met with significant resistance from the Obama administration and other pockets within US Congress.