Kate Baker is a business strategist at Custodian Data Centre.
A need to know and a thirst for content is something that has always invigorated the way that the Internet has grown. Technology has always been the means by which the world has become simultaneously tangible, touchable and close, yet widened as our understanding of the world around us expands.
The World Wide Web and data have become a means of the traditional map boundaries of old being challenged, stretched and tested. It is the ultimate in enabling a global community to exist outside the borders and confines of land and sea. Yet as this web of interconnections has quickly developed, creating a myriad of networks inextricably linked, the political world has struggled to keep up with the speed of technological innovation.
Whether it be online gambling, diversity issues or matters surrounding personal data, the world that we live in has to constantly balance a globalization of information and data use, with the idiosyncrasies of nations and regions. The World Wide Web has opened Pandora’s box leading to retrospective policies across many different legal and political systems.
> tech challenges, international law
The breadth of global legal permutations is endless, meaning that technological innovation not only has to conquer new technical challenges but also be mindful of international laws. Recent legislation that came into force on August 1, 2014, in Russia concerning social media and bloggers is simply a stepping stone when coupled with new legislation due to come into effect in September 2016: this states that all personal data relating to Russian citizens will have to be stored in Russia from this date.
As legal commentator Peter Brophy has pointed out, foreign companies that need to store personal information as part of their processes, will now need to have servers located physically in Russia itself. Brophy points out the potential ramifications for businesses such as the aviation industry that use online booking and ticketing systems for global travel, which leads me to wonder whether this policy is even workable/feasible technically and commercially speaking?
This new legislation is by no means unique. In Brazil following the revelations from Edward Snowden regarding the NSA PRISM program, they have been working on the Marco Civil da Internet (Brazilian Civil Rights Framework for the Internet). It is an act designed to guarantee and safeguard civil liberties and rights in relation to Internet use and requiring companies to store information about Brazilian users in Brazil – which has serious implications for businesses looking to operate in Brazil.
Implications for providers
For many companies which operate their own data centers such as Google or Facebook, it potentially leaves them with the task of building and operating new facilities in these regions in order to continue operating.
Colocation providers face a different challenge as they provide the space which people can rent to house their own servers. They are not in direct control of what application or business is being run by their clients. So what if those servers are holding Russian or Brazilian citizen's data, or have Russian or Brazilian customers, where do they legally stand?
The UK Data Protection Act’s eighth principle states that “personal data shall not be transferred to a country or territory outside the European Economic Area unless that country or territory ensures an adequate level of protection for the rights and freedoms of data subjects in relation to the processing of personal data.” When you read the interpretation of the principle, it suggests that a colocation provider could be subject to “the law in force in the country or territory in question.” Does this mean that despite many colocation providers not knowing what is on a client’s server, they could be unwittingly contravening an international law and in doing so also contravening the UK Data Protection Act?
It would seem to me that colocation providers need to ensure that they have robust contracts and procedures in place to protect themselves in a world where some isolationist data laws seem to be the start of a series of 21st century data related iron curtains.
The downside for colocation providers is that if a series of data isolationist policies developed, businesses could see their potential client pool diminish as they could no longer vie for business on a truly global scale.
Conversely, isolationist data center storage policies needn’t always be a negative development. The need for personal data to be stored in individual countries, means that there is a strategic opportunity for companies to develop new sites abroad and those with the financial ability to do so could corner new geographies.
The tip of the iceberg
In a turbulent world where differences in ideologies continue to spark wars, the Internet is at risk of becoming increasingly politicized. Isolationist data policies are the tip of the iceberg when you look at the potential for political turmoil surrounding the Internet and its ability to challenge national borders.
The growth of Bitcoin, a peer-to-peer payment network, was born from the virtual world, leading to real-world retrospective policies such as the Russian Ministry of Finance drafting regulations to outlaw cryptocurrencies. France has also recently released a report entitled “Regulation in the face of innovation: public authorities and the development of virtual currencies” which discusses how technological advances are affecting the global legal system.
Government policies can only ever react to technological innovation and the disparity between technological change and legal change is one of the greatest tests facing nations.
The growth of decentralized networks such as diaspora, the Tor project and even email, means the ability to control or switch off certain parts of the Internet is becoming a bigger challenge and leading to an underground world without borders. A court order in one country may demand an email provider be closed down, yet email itself will always continue to exist due to the number of alternate email providers out there.
Common sense suggests that the international legal cases currently being tried, such as the U.S. government issuing a warrant to Microsoft for access to emails stored on servers in Ireland, are only the beginning of an international battle to balance isolationist and globalized views of the virtual world, with technology companies such as colocation providers and their legal advisors being in the unenviable position of trying to strategically comply and operate on a global legal scale.
Industry Perspectives is a content channel at Data Center Knowledge highlighting thought leadership in the data center arena. See our guidelines and submission process for information on participating. View previously published Industry Perspectives in our Knowledge Library.