NSA PRISM Costs U.S. Cloud Services Providers Billions

Written by CJ Arlotta
August 6, 2013

Has the cloud computing business been hurt by the National Security Agency (NSA) PRISM scandal since news of the surveillance project and Microsoft (MSFT), Google (GOOG), and other cloud computing giants' participation was leaked in June? The Information Technology and Innovation Foundation (ITIF) projects it will cost U.S. cloud provider tens of billions of dollars. Here are the details.

Has the cloud computing business been hurt by the National Security Agency (NSA) PRISM scandal since news of the surveillance project was leaked in June? After Microsoft (MSFT), Google (GOOG), and other cloud computing giants confirmed they received user information requests from the NSA, cloud computing players began a deep discussion, and part of the conversation revolved around the financial impact to U.S. cloud providers. So what’s the answer?

Well, to start, a report by the Information Technology and Innovation Foundation (ITIF) projects that the U.S. cloud computing industry could lose between $22 billion and $35 billion in total revenue by 2016 due to recent PRISM revelations.

In addition, the report stated that U.S. cloud service providers could lose between 10 and 20 percent of the foreign cloud market by 2016, when the industry itself is expected to pass $200 billion worldwide. The report claimed this estimate was based on a survey recently conducted by the Cloud Security Alliance, which found that 10 percent of foreign respondents had canceled a project with an American-based cloud computing provider following the PRISM scandal.

ITIF Senior Analyst Daniel Castro, who wrote the report, said in a prepared statement that foreign companies are contemplating the risks that come with a partnership with U.S. cloud providers. And the PRISM news may even be exploited for political gain in countries abroad.

“Some countries may use PRISM as an excuse to enact a series of protectionist policies to restrict access to their markets and promote their domestic cloud providers,” he said.

Enderle Group President and Principal Analyst Rob Enderle, on the other hand, said via email that the damage to the U.S. technology industry will be more severe than ITIF’s projections. That’s because PRISM will hurt IT networking equipment sales to offshore buyers as well as hurting cloud services sales.

“China was moving to ban Cisco, for instance,” he said. “The more visible PRISM becomes, the less likely offshore buyers will be willing to buy any U.S.-sourced computer technology. Because firms don’t understand the breadth of PRISM, they are apparently starting to paint U.S. gear with a broad negative brush.”

Enderle added that if this trend continues, it could potentially create a massive dent in U.S. international technology sales.

The vendors on the other side of the discussion, including cloud data protection solutions provider PerspecSys, defended the safety of U.S.-based cloud providers, as long as they have the right security and privacy in place.

“Unfortunately, the victim in this scenario are the enterprises themselves, since many of the leading and most in-demand cloud SaaS offerings are based in North America,” the company said. “But with the proper security solutions in place, enterprises can confidently adopt cloud services based anywhere in the world while keeping their data resident and within their full control, thereby eliminating concerns about third parties accessing their sensitive corporate information.”

While the debate continues, one thing is clear. Something needs to be done, either by vendors in the market or the U.S. government.

The ITIF report, meanwhile, concluded that the U.S. government has a clear role in the future of U.S. cloud providers: “It is clear that if the U.S. government continues to impede U.S. cloud computing providers, other nations will be more than willing to step in to grow their own industries at the expense of U.S. businesses.”