Technology has advanced so far in the past 20 years that innovations such as 5G, Artificial intelligence, the Internet of Things, and the cloud have all become major strategic assets. Alongside this growing national significance has come politicization, trade disputes and a rising level of ‘balkanization’ – the process by which technology becomes separated by national or regional boundaries.
Examples include Huawei’s battles with access to US markets and know-how, the EU’s crackdown on tech giants to secure privacy and Russia’s attempt to build an isolated ‘sovereign internet’. Just in the past week, both the UK and France have announced new taxation on global technology businesses to try and level the playing field in their domestic markets. With the dangers of disputes between different countries and regions, I believe we need to look again at the issue of data sovereignty.
Data sovereignty is a hot topic among businesses and SMEs as they try to understand how this border-based controlling of data could challenge cloud adoption. Various forms of data residency laws are cropping up in different countries for differing reasons. Regulations in Indonesia for example state that certain financial data cannot be stored outside the country without prior approval. Australia has made it compulsory for certain health data to be stored locally and Russia’s OPD-Law (On Personal Data Law) requires storage, update and retrieval of data on its citizens to be limited to data centers within the country’s borders. As many organizations are still very much at the start of their journeys in understanding these concepts, they fear increasing restrictions from governments on how to store and manage their data.
In today’s globalized world, data has become one of the defining sources of differentiation for companies. And with 2.5 quintillion bytes of data being created every day, it is important for businesses have a clear sense of where their data is being stored and what rules to abide by for the success of their venture.
With cloud being the most preferred mode of storing enterprise data, businesses and SMEs must be careful when opting for a cloud provider. Choosing a cloud vendor is a matter of serious trust and at no point should 'data sovereignty' be treated lightly.
The past was straightforward – you owned the hardware and the software and also the means of protecting it. But in today’s cloud world, management is required to be aware of the data security processes and policies of the vendor before bringing them on board. Business leaders must also know where the data centers are or where their data is being held, especially when they are working with hyperscalers (like Amazon, Microsoft, and Google).
A growth in regulatory divergence, threats to global supply chains – which include the handling of data – and the use of technology as bargaining chips in international trade relationships could quickly have a host of ramifications for SMEs. This is why it is important that cloud vendors actively pledge to not only keep data in certain jurisdictions but also provide evidence to their customers that they are meeting those commitments.
No business is insulated from the geo-political disputes about vital national technology assets and SMEs should respond to these challenges with careful decisions regarding data storage and hosting.