By now, most people in the business world have felt the impact of Edward Snowden’s revelations that the NSA is heavily monitoring U.S. citizens and corporations under its PRISM project. Since then, we’ve seen countless ripple effects around the world, both in the business world and our personal lives. As a hosting provider in Canada, the U.S. and the UK, the team here at PEER 1 has also seen a noticeable shift as many companies try to figure out just what the NSA’s activity means for them. So, while we’re able to host our customers’ data on both sides of the border, we were curious to find out just how much the IT decision making process has changed since last summer.
With that in mind, we recently commissioned an independent survey of 300 UK and Canadian businesses on storing data in the U.S. There were many interesting results of our survey, but what really stood out to me was the fact that 25 percent of IT decision makers are moving their company data outside of the U.S. due to the NSA scandal. That number jumps up to 1 in 3 when you only look at Canadian IT decision makers! And yet, despite this trend, the U.S. remains the most popular place for Canadian and UK companies to host data outside of their home countries.
Another statistic that jumped out to me was that many organizations admit they are struggling to really understand data laws. In fact, 60 percent of hosting decision makers say they don’t know as much as they should about data security laws, and 44 percent are confused by these laws.
With these results in mind, I offer two pieces of advice to hosting decision makers assessing whether to host their data in the U.S.
First, get informed. You should know where your data is stored and what level of surveillance you’re under, and your hosting provider should be willing and able to provide that information.
- Second, it’s important to recognize that the NSA’s activity is going to drive business outside of the U.S. This isn’t just on the front page of the news – it’s changing the way people make decisions. That should be incorporated into service providers’ strategies going into 2014.
Please be assured that at PEER 1, we had no “inside” knowledge of PRISM and have not been involved with the program in any way. We learned of the existence of PRISM from the same media reports you have read.
We operate in many countries and the laws in each country differ, and of course, the laws with respect to technology, privacy and freedom of information are constantly changing. However, PEER 1 tries to follow the same principle in each area in which we conduct business. This principle can easily be summarized as follows: we will only disclose information when and to the extent that we are required to do so by applicable law.
We do not engage in “voluntary compliance” with law enforcement and do not cooperate with authorities simply because they demand our cooperation. We must be compelled to do so by law and require the appropriate warrant, subpoena or order before we will disclose any confidential information to governmental authorities.
Because the law is changing so rapidly, it may be that at some point in the near future we are compelled by law to provide more disclosures to governmental authorities than we feel is necessary or appropriate. At PEER 1, we continue to strongly oppose any efforts of governmental authorities to circumvent established legal process which does not make disclosure transparent and accountable, and we will continue to fight for both our customers’ rights and worldwide digital civil liberties generally.
If you’re interested in seeing more of the results from the NSA survey, you can download the full findings here.