Yesterday on October 10, 2016 in Berlin, the Aspen Institute/Germany launched “Into the Clouds: European SMEs and the Digital Age.” SIIA and Thomson Reuters supported the report, which was written by the Atlantic Council’s Tyson Barker. In connection with the launch, Aspen hosted a lively lunch discussion bringing together academics, politicians, and industry representatives.
The report finds lower than optimal cloud adoption rates in a number of European countries, most notably in Germany. It recommends six policies in order to increase cloud adoption, especially by small and medium sized enterprises (SMEs).
1) reinforce global nature of the cloud;
2) enhance the B2B aspects of cloud adoption;
3) build operational and legal trust;
4) incentivize public sector procurement and e-governance;
5) increase SME awareness; and,
6) advance transatlantic dialogue, especially by building on the Privacy Shield.
Yesterday’s conversation highlighted a few things worth reflecting on, especially as work on the Digital Single Market (DSM) initiative intensifies.
There is an opportunity for Europe. Today, the United States, China, and India have the majority of cloud-related jobs. The European Commission calculates that cloud computing could add roughly a million new jobs and 0.71 % of GDP by 2020.
Cultural factors were considered by one participant as a “tougher nut to crack” than economic and legal considerations for cloud computing. This is especially the case in Germany where there is a preference among SMEs for in-house IT solutions, even before the Snowden revelations.
Given lingering concerns about U.S. surveillance, there was considerable discussion about local data storage options as a means of building trust. Many major U.S. cloud providers and Internet companies are, in fact, offering their customers those options. However, given that companies often have global operations, and that personal and non-personal data are an integral part of managing those operations, global cloud solutions involving the free flow of data (as long as companies comply with local law) remain optimal.
Although all the participants considered the EU-US Privacy Shield to be important, some observers believe it will ultimately be struck down by the European Court of Justice because U.S. surveillance reforms do not go far enough. Nonetheless, for the time being, the Shield offers a means to transfer data from Europe to the United States. Supporters and skeptics alike should “trust but verify” that the systems work as designed.
The EU’s work on the cloud takes place in the DSM context. With respect to the DSM writ large, for instance, its recent proposals on copyright, there is a lot of work to do to achieve consensus, if that is even possible, over the coming years as Member States and Parliament consider the Commission’s proposals.
For SIIA, the priority should be in this age of low growth to take advantage of the opportunities afforded by the Internet, which it is worth recalling, is a global distributed network of networks. It may well be that for marketing reasons, a considerable part of the future is about offering customers local national or regional data storage solutions. But from a cost and efficiency perspective, global solutions remain preferable. That means that countries should continue to offer cost competitive inter-operability mechanisms such as the APEC Cross Border Privacy Rules and the EU-US Privacy Shield, which allow for cross-border data flows while still ensuring compliance with national laws, including privacy laws.