Conducting business on a global scale requires navigating different cultures and customs, plus dealing with different political and legal expectations from one region to the next. It also means that the cultures, customs, politics, and legal expectations of your home nation can impact your ability to do business, which Microsoft and other US companies are beginning to learn firsthand.
It would be nice if business was just business and could be separated from politics and culture, but that is often not the case — especially for companies that deal in technologies that conflict with regional laws or industries with the potential to compromise national security for the customer's country. Those concerns have led the US government and US businesses to question the motives of Chinese companies, like Huawei and ZTE, and block the acquisition of Sourcefire by Check Point.
Now, the shoe is on the other foot. A federal judge ruled that Microsoft must comply with a US warrant for customer data stored in a company datacenter in Ireland. This ruling has a widespread and negative impact on the US technology industry, particularly for cloud companies.
The European Union has a different perspective on privacy and has been much more aggressive in defending personal liberty rather than caving to paranoia to justify infringing on those liberties. The difference in culture was demonstrated recently when Google and other companies were ordered to comply with the "right to be forgotten." When US laws and policies conflict with the privacy expectations of other nations, businesses in those countries are reluctant to do business with US companies.
"As a result of the District Court ruling last week in the Microsoft case, coupled with the NSA PRISM program, US policy is having a serious negative impact on the ability of US technology companies to compete in the global market for cloud-based services and infrastructure," proclaimed Carson Sweet, cloud and data security expert and CEO of CloudPassage. "Cloud computing is likely the largest technology disruption of the last 20 years, and cloud providers are seriously hampered, particularly in Europe, by recent US policies and legal rulings."
If companies can't be confident that their data is secure, that the US government isn't spying on it and doesn't have the legal authority to demand access to it, they will choose to do business with companies that aren't based in the US.
Sweet explained, "As we've worked with EU-based enterprises on cloud security, we've seen a marked drag in public cloud IaaS (Internet-as-a-Service) adoption as the result of privacy concerns. Most of our international customers lean toward private cloud adoption as a result, and many are waiting for non-US-based cloud providers before adoption public cloud IaaS."
The irony for Microsoft is that complying with US law might violate EU law at the same time. It's a tough position for a company like Microsoft to be in — a pawn in an ideological struggle that should really be worked out between the governments. It seems like a no-win scenario for Microsoft, and the fallout of the Microsoft case just adds to the damage already done by NSA PRISM and the Snowden revelations. Ultimately, the US reputation as a surveillance state is affecting the ability of US companies to function around the world.
Get the latest information about Microsoft, including some tips and tricks, by automatically subscribing to TechRepublic's Microsoft in the Enterprise newsletter.
Tony Bradley is a principal analyst with Bradley Strategy Group. He is a respected authority on technology, and information security. He writes regularly for Forbes, and PCWorld, and contributes to a wide variety of online and print media outlets. He has authored or co-authored a number of books, including Unified Communications for Dummies, Essential Computer Security, and PCI Compliance.