Who cares where data resides? The cloud is the engine of the global economy, its anti-geographical design perfect for a business world that now ignores national boundaries. That's what's fuelled the rise of the internet economy, but it's coming under threat from more and more data privacy law.
The EU – keen to keep its citizen's data from the US government – had its Safe Harbour agreement invalidated in late 2015, but transatlantic negotiations now underway will culminate in only one thing: more regionalisation of data.
What is the current state of 'data politics'?
National governments are busy issuing edicts on where data produced within their borders can travel to, and how. For example, data protection authorities in Germany are investigating data transfers from the EU to the US by companies such as Facebook and Google. And a panel in the US Senate has just approved a bill that would allow Europeans to sue the US government in a US court if the government intentionally discloses their personal data without their permission.
"Data politics has been heating up," says Frank Krieger, Director of Compliance at enterprise cloud hosting service provider iland, adding: "Many perceive that the EU has made it harder for global companies to do business across borders."
Is this just interference in business from misguided politicians?
A lot of this is seen as unnecessary, but there's a fear that it's as much about jobs as about actual data privacy.
"There are also the additional challenges of governments potentially interfering unnecessarily in order to keep investment in data centres and data centre jobs in their own country," says Michael Connaughton, Director Big Data, EMEA at Oracle, who calls this "potentially unnecessary protectionism".
That's an age-old tactic of politicians, with some fearing that all EU politicians are trying to do is prevent US tech companies like Facebook, Google, Yahoo and Microsoft from operating in Europe.
What will be the effect of the latest EU data regulations?
The effect of any new version of Safe Harbour could mean the end of transatlantic data transfer, as data becomes regionalised. "Global companies will move to hybrid cloud deployments with machines in regional data centres that act like a local wisp of a larger cloud service, honouring both the drive for cost reduction and regulatory compliance," says Connaughton.
The hybrid cloud is destined to grow. "The new legislation will mean that global companies will need to be much more careful when transferring customer data from the EU to an international location," says Krieger, who thinks that there could also be an increase in companies choosing to store data in Europe, therefore choosing to use local cloud service providers rather than risk cross-Atlantic data transfer.
With the migration of data from the EU to another location essentially made more difficult by adding all kinds of stipulations and approvals, it's highly possible that companies in the EU will not take risks, and avoid using foreign (read: US-based) cloud companies.
"Opt-in and opt-out requirements are going to be a large change for US firms," says Krieger about the scenario in the US. "They tended to operate in the opt-out space, whereas the EU has tended to operate in an opt-in fashion."