The NSA Effect: Scandal Casts $35B Shadow Over U.S. Cloud Computing
Many execs in the digital media and marketing industries cringe at the notion that the National Security Administration surveillance scandal has any ties to their consumer data-collection practices. As that debate rages on, a bedrock of the consumer data explosion -- cloud computing -- could be at risk in the U.S.
An August report from the Information Technology and Innovation Foundation predicts as much as $35 billion could leak from the U.S. cloud computing market by 2016 if foreign clients pull business from U.S.-based cloud services. By 2016, Gartner estimated the public cloud computing sector would generate $207 billion.
Advertising agencies, ad tech firms offering marketing software and data management services, and brands themselves use U.S.-based cloud services, which allow relatively easy, cost-efficient access to data they use to run digital ad targeting, email marketing efforts, site optimization and loyalty programs. Amazon is one of the largest providers of cloud-based data services. Even average web users store data such as document and music files in the cloud via services such as Google Drive and Dropbox.
The ITIF report cites a survey of its members conducted by the Cloud Security Alliance in June and July. Among non-U.S. residents, 10% said they had canceled a project using a U.S.-based cloud computing service. More than half, 56%, said they were less likely to use a U.S.-based cloud service.
The primary concern is data security, and whether having data stored with a U.S. firm would give the U.S. government easier access to sensitive information.
It's unclear how or if the NSA-prompted concern could affect the bottom lines of ad technology firms. However, the issue remains a hot-button one. Companies will be asking, "How are you making sure our data is secure?" suggested Daniel Castro, senior analyst at ITIF. "The question would be, would marketers or people who have these CRM tools find it more compelling to either use a non-cloud based service or a non-U.S. cloud based service?"
Traditionally, companies have used dedicated server facilities to store data rather than cloud-based storage; cloud services typically enable firms to pay only for the amount of space and load-capacity they need.
Cloud storage for marketing data has become more popular because, "from a marketer's perspective, it really unencumbers you to move quickly," said Dawn Maire, chief strategy officer at digital consulting firm Rockfish. If marketers are worried about security issues, she suggested, they could consider a hybrid approach. "It doesn't have to be an all-in-one solution," she said. "It could absolutely be 90% of what we have is in the cloud," and the remaining more sensitive data could be stored on a traditional dedicated server.
"Inherently there's always concern with storing your data," said Paul Chachko, CEO of V12 Group. The company distributes a variety of consumer-audience data in the cloud through partner BlueKai, which in turn makes it available for display ad targeting. Whether it's stored with a U.S.-based firm or not, he added, hackers and government surveillance will always be a decision factor.
"There's really no reason for the NSA to even look at what we have," he said, referring to the behavioral data his firm makes available, which he said does not include personally-identifiable information. In discussions with clients and partners, he added, "nothing has come up since [the recent NSA surveillance revelations] that has raised magnification of that issue."
V12 Group has harvested more data from more data provider partners than ever in the past year, including CPG shopper data and auto-related information, said Mr. Chachko.
He argued that companies that collect and store keyword-heavy social media, email and search data may have more reason for concern regarding potential U.S. government intervention. In addition, companies with personally-identifiable health and financial data may be more alarmed by the NSA scandal's impact, he and others noted.
"If you take privacy seriously and have a comprehensive approach then you do not need to reconsider your usage of cloud providers," said Emilia Sherifova, CTO of digital ad firm Pulse Point. "U.S.-based cloud data storage services, like every other decision and provider, should continuously be examined and re-evaluated from the lens of adequately safeguarding users' privacy."